> ## Documentation Index
> Fetch the complete documentation index at: https://docs.dfns.co/llms.txt
> Use this file to discover all available pages before exploring further.

# Personal Access Tokens (PAT)

> API endpoints to create, list, activate, and revoke personal access tokens (PATs) used to authenticate API requests on behalf of a user.

<Card title="Create a Personal Access Token" icon="plus" href="/guides/developers/personal-access-token">
  Step-by-step guide to create a PAT and configure your SDK
</Card>

Personal Access Tokens (PATs) are used to automate actions on behalf of a user.

PATs are linked to your user. The effective permissions of a PAT are always the intersection of the user's permissions and the token's own permissions, enforced on every request. This means you can create a read-only PAT to monitor transactions in your wallet without reducing the permissions of your user.

Since PATs are tied to a user, if the user is deactivated, all their PATs stop working (the backend validates the user's active status on every request). Reactivating the user restores PAT access. Because of this, PATs are not meant to be used for server tasks. If you have a long-lived task, it is recommended that you use a [Service Account](/api-reference/auth/service-accounts) instead, as Service Accounts are not tied to a specific user. This also means that a Service Account can have different permissions from the user that created the Service Account, giving you the ability to limit user permissions without affecting server tasks.

## Personal Access Token object