# Authentication

To learn how to obtain your personal access token, refer to the [**Access Token Generation**](https://docs.probe.splx.ai/settings/platform-settings/user-settings/personal-access-tokens#access-token-generation) section in the documentation.

All users, including those with free accounts, [must generate a Personal Access Token (PAT)](https://docs.probe.splx.ai/settings/platform-settings/user-settings/personal-access-tokens) to authenticate with the Platform API.

## Using the Personal Access Token

Once you've obtained your personal access token, include it in the header of your request as a value of a "**X-Api-Key**" key:

```
X-Api-Key = "<PAT>"
```

**Example Request:**

```bash
curl -L \
  --request POST \
  --url '/api/v2/test-run/trigger' \  
  --header 'X-Api-Key: YOUR_API_KEY' \  # Replace YOUR_API_KEY with your personal access token
  --header 'Content-Type: application/json-patch+json' \  
  --data '{"targetId":1,"probeIds":[1,2,3],"name":"SPLX Test Run"}'  
```

## Response to Unauthorized Access

If the Authorization header is not provided, or if an invalid token is used, the API will return a 401 Unauthorized error. This response indicates that authentication is required to access the requested resource.

**Example Response:**

```json
{
  "error": {
    "message": "Unauthorized: Authentication is required to access this resource.",
    "code": "UNAUTHORIZED"
  }
}
```

{% hint style="warning" %}

* **Ensure your token is kept secure**: Your personal access token provides access to your API resources. Do not share or expose your token publicly.
* **Token Expiry**: Personal access tokens may have an expiration date based on the configuration set during their creation. Make sure to regenerate your token if needed.
  {% endhint %}