Personal Access Tokens (PATs) are an alternative to short-lived tokens. Unlike short-lived tokens — which generate JWTs valid for 24 hours — PATs authenticate directly and remain valid for one year.
All information throughout this documentation (examples, request formats, response bodies) applies equally when authenticating with a PAT, with two exceptions.
1. URL
Append /pat before the resource path in all API requests.
Standard URL example: https://api.walkme.com/public/v1/users
PAT URL example: https://api.walkme.com/public/pat/v1/users
The
accounts/connect/tokencall used to generate a JWT is not required when using PATs.
2. Authorization header format
Send the PAT directly in the Authorization header — no scheme prefix (e.g. no Bearer).
Authorization: <YOUR_PAT>
