Skip to main content

API Token vs Bearer Token

When working with the ExoClick API, you'll encounter two types of authentication tokens: API tokens and Bearer tokens. Understanding the difference between them is crucial for secure and effective API usage.

Here's the distinction:

API Token

  • Permanent (until disabled or deleted)
  • Used to authenticate your account with the API initially
  • You get it from your profile settings

Bearer Token

  • Temporary, expires after a short time
  • Issued after you login with your API token
  • Used for all subsequent API requests to avoid sending the permanent API token each time
  • Adds a layer of security as it's only valid for a limited time

In short: the API token proves who you are and the Bearer token is a temporary key that lets you make requests safely.