Census’ Management APIs require proper authentication to ensure that your requests are secure and have the necessary permissions. The Workspace and Organization APIs both use Bearer authentication but they use different security tokens.
Always keep your tokens private. Avoid exposing them in client-side code or public repositories. If you
believe a token has been compromised, regenerate or delete it immediately from the Census application.
For the Organization APIs, Personal Access Tokens are used for authentication. These tokens carry the same permissions as the user who generates them. If you require a token with admin privileges (for example to create & manage workspaces) make sure the user account that creates it has admin permissions.