You must include a valid token through an HTTP custom header to authenticate your API calls :
For each API, you can create as many tokens as you want in the credentials page. See platform tour documentation for more details.
You can revoke a token on the credentials section. Note that once a token is revoked, you can't create a new token with the same name, and using this token to authenticate to your API will lead to a 401 error.
Note that technical limitations are set up for each account depending on your plan. The default limitations are low, even for the free plans, but if you need to lower those limitations, feel free to ask the support team.
These limitations are configured for your entire subscription, regardless of tokens or IP address.