# Access tokens
Access tokens are strings that identify the client of an API recipe. The token value is a secret that is shared between a client and the Workato server. A token is passed to the API in an authorization header. The header must have a valid value for the call to succeed.
Workato supports four token formats: Auth Token, OAuth 2.0, JSON Web Token (JWT), and OpenID Connect.
# Access token comparison
| Auth Token | OAuth 2.0 | JSON Web Token (JWT) | OpenID Connect | |
|---|---|---|---|---|
| Simple to set up and configure into the API request. | Yes | Yes | Yes | Yes |
| Represents a Workato Access Profile. | Yes | Yes | Yes | Yes |
| Can be reused for multiple web applications. | No | Yes | No | Yes |
| Tokens with limited validity. | No | Yes | Optional | Yes |
Learn more about how you can use access tokens with the Workato API Platform:
Last updated: 5/25/2024, 12:46:29 AM