# Auth token

An Auth token is the simplest way to authenticate an API request with Workato.

How can I retrieve a new Auth token?

You can retrieve an Auth token when you create a new access profile. You can only view this token once. If you lose the token, you will need to refresh and retrieve a new token.


Go to Platform > API Platform > Clients.


Click on the access profile you plan to retrieve an Auth token for.


Click the Refresh button next to the Auth token to generate a new one. Note that refreshing your Auth token will revoke access for clients using the current Auth token.

Refresh the Auth token Refresh the Auth token


Save your Auth token in a secure place.

Configure a header with your Auth token. For example:

-H 'api-token: ed776fdfbf5003b4aa6bcaafea8f9003ffb6986454822ce7ebb3c1a8efc08348'

Now, when an API request is made, Workato will read this header value and recognize that the request is from a verified access profile.

# Basic authentication

Alternatively, the API request can be authenticated using the basic auth scheme (opens new window). Use api-token as the username and your token value as the password. For example, using the -u option in curl:

-u api-token: ed776fdfbf5003b4aa6bcaafea8f9003ffb6986454822ce7ebb3c1a8efc08348

This should construct and send the following header:

-H 'Authorization: Basic YXBpLXRva2VuOmVkNzc2ZmRmYmY1MDAzYjRhYTZiY2FhZmVhOGY5MDAzZmZiNjk4NjQ1NDgyMmNlN2ViYjNjMWE4ZWZjMDgzNDg='

Last updated: 5/25/2024, 12:46:29 AM