Personal Access Tokens

Personal Access Tokens (PATs) are an alternative to short-lived tokens. Unlike short-lived tokens — which generate JWTs valid for 24 hours — PATs authenticate directly and remain valid for one year.

📘

All information throughout this documentation (examples, request formats, response bodies) applies equally when authenticating with a PAT, with two exceptions.

1. URL

Append /pat before the resource path in all API requests.

Standard URL example: https://api.walkme.com/public/v1/users

PAT URL example: https://api.walkme.com/public/pat/v1/users

📘

The accounts/connect/token call used to generate a JWT is not required when using PATs.

2. Authorization header format

Send the PAT directly in the Authorization header — no scheme prefix (e.g. no Bearer).

Authorization: <YOUR_PAT>