# Authentication on Hablla API

The Hablla API offers two authentication methods. Each is intended for different purposes, ranging from automated integrations to actions traceable to human users.

### 1. Authentication via Workspace Token (Recommended)

The **Workspace Token** is a token directly linked to a specific workspace. It is the most practical and robust form of authentication for integrations and automations.

**Main Advantages:**

* Allows access to most API routes.
* **Does not expire**.
* Can be used securely in automated environments.
* Offers traceability (actions are recorded in the history as executed via automation).

#### How to obtain

You can capture the *workspace token* when executing a flow in Hablla that uses an API component. In the request response, it will be available in the `Authorization`.

> **📌 Visual example:**

<figure><img src="https://1592162275-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FrmxWrIrMauHcIrsuqfGq%2Fuploads%2FmjOa5OXxLkWxFaA4JSkj%2Funknown.png?alt=media&#x26;token=d26d5358-498f-4d8c-92bc-e2373f2082ea" alt=""><figcaption></figcaption></figure>

{% hint style="info" %}
[*The field `Authorization` contains the token you should use. Important: always replace with `token_here` when sharing public examples to avoid leaks.*](#user-content-fn-1)[^1]
{% endhint %}

#### Identifying the Workspace ID

The workspace ID (example: `64e683e59a0a699241b5727c`) is unique per client. You can find it directly in the browser URL when accessing your environment in Hablla Studio:

`https://studio.hablla.com/workspaces/<WORKSPACE_ID>`

#### Request example

```http
GET [https://api.hablla.com/v1/workspaces/](https://api.hablla.com/v1/workspaces/)<WORKSPACE_ID>/persons?page=1&limit=50

Headers:
Authorization: <YOUR_TOKEN_HERE>
```

### 2. Authentication via User Token (optional)

The **User Token** represents an authenticated human user. It is used when you want API actions to appear in the history as performed by a specific collaborator.

#### How it works

This token is generated after the user logs in.

> **⚠️ Attention:** This token **expires in approximately 1 hour**. After that time, reauthentication is required.

#### Request example with User Token

```bash
curl "https://api.hablla.com/v2/workspaces/<WORKSPACE_ID>/persons?page=1&limit=50" \
  -H "authorization: Bearer token_here" \
  -H "accept: application/json"
```

### Conclusion

| Token Type      | Ideal for                          | Traceable actions? | Expiration   | Recommended? |
| --------------- | ---------------------------------- | ------------------ | ------------ | ------------ |
| Workspace Token | Integrations, automations, bots    | ✅ Yes (as a bot)   | ❌ No         | ✅ Yes        |
| User Token      | Actions assigned to specific users | ✅ Yes (per user)   | ✅ Yes (\~1h) | Optional     |

[^1]: