# API Access Tokens

## API Access Tokens

API Access Tokens are the simplest method of authorization for a developer or an application to use the CARTO APIs. API Access Tokens are **permanent** and they are **NOT tied to a specific user's set of permissions.**

These tokens can be restricted to:

* Use only specific [APIs](/carto-for-developers/key-concepts/apis.md)
* Access only specific data sources for specific [connections](/carto-for-developers/key-concepts/connections.md)
* Be used only by specific websites

### How to get an API Access Token

To create an API Access Token, go to your CARTO Workspace and navigate to the Developers section. To read more about this, check our article on [how to create your first API Access Token](/carto-user-manual/developers/managing-credentials/api-access-tokens.md).

### When to use API Access Tokens

{% hint style="success" %}
You should use API Access Tokens if you are:

* Testing any of the data-related CARTO APIs (Maps, SQL, LDS, Imports)
* Testing deck.gl and other integrations
* Building a import script or an ETL
* Building a public application (no login required) or sharing code
* Building a private application using your own login where the security access levels can still be managed manually.
  {% endhint %}

{% hint style="info" %}
API Access Tokens can be managed programmatically (to build more complex setups) using a Machine-to-Machine application, a different authentication method.
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.carto.com/carto-for-developers/key-concepts/authentication-methods/api-access-tokens.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.