---
title: Authorization Tokens
description: Ensure Widgets have the appropriate permissions in your application.
showNextPage: true
originalPath: .tmp-workos-clone/packages/docs/content/widgets/tokens.mdx
---

Widgets must be supplied with an authorization token. The token can be acquired in one of two ways:

- If you are using the `authkit-js` or `authkit-react` libraries, you can use the provided access token.
- If you use one of our backend SDKs, use the "get token" method in the SDK to request a token with the appropriate scope for the widget you want to use. Widget tokens expire after one hour.

<CodeBlock file="widgets-get-token" />

> New WorkOS accounts are created with an "Admin" role that has all Widget permissions assigned. Existing accounts will need to assign the proper permissions to a role. This can be done on the "Roles" page of the WorkOS Dashboard. See the [Roles and Permissions guide](/authkit/roles-and-permissions) for more information.

To successfully generate a token, the user must be assigned a role with the correct permissions for the widget.