How to check if Current User is from API Token


I have some API workflows exposed for external systems which use an API Token. I want to protect those workflows from anything or anyone that does not possess an API Token.

What checks should I run in the “Only when” of the API Workflow? I have noticed that the “Current User’s unique id” starts with “admin_user” when using an API Token but I haven’t found any documentation about it. I don’t know if that’s a future-proof way to check for API Token use.

Is there a clean way to make that verification?

Thank you,