# Authentication

The All-Images API uses Personal access tokens to authenticate requests.

You can view and manage your access tokens in the [API Keys](https://app.all-images.ai/en/api-keys) page of your All-Images user account.

To authenticate a request, provide the token in the `api-key` header of the request:

```markup
curl -H "api-key: <your_access_token>" https://api.all-images.ai/v1/api-keys/check
```

Access tokens are tied to the All-Images user account for which they were created. **A token provides the same level of access & privileges that its associated All-Images user account would have.**

{% hint style="warning" %}
Please be sure to keep your API access tokens secure! Do not share them in emails, chat messages, client-side code or publicly accessible sites.

If you have accidentally shared an API access token publicly, you can revoke it in the [API Keys](https://app.all-images.ai/api-keys) page of your All-Images user account by clicking the "Remove" button beside the token.
{% endhint %}