# Access Token
Access tokens are strings that identify the client of an API Recipe. The token value is a secret that is shared between a client and the Workato server. A token is passed to the API in an authorization header. The header must have a valid value for the call to succeed.
Workato supports three token formats: Auth Token, OAuth 2.0 and JSON Web Token (JWT).
# Difference between Auth Token and JSON Web Token
|-||Auth Token||OAuth 2.0||JSON Web Token (JWT)||OpenID Connect|
|Simple to setup and configure into the API request.||Yes||Yes||Yes||Yes|
|Represents a Workato Access Profile.||Yes||Yes||Yes||Yes|
|Can be reused for multiple web applications.||No||Yes||No||Yes|
|Tokens with limited validity.||No||Yes||Optional||Yes|
Find out about how you can use access tokens with Workato API.