diff --git a/swh/web/templates/api/api.html b/swh/web/templates/api/api.html
--- a/swh/web/templates/api/api.html
+++ b/swh/web/templates/api/api.html
@@ -242,8 +242,8 @@
   <h4 id="rate-limiting">Rate limiting</h4>
   <p>
     Due to limited resource availability on the back end side, API usage is currently rate limited.
-    Furthermore, as API usage is currently entirely anonymous (i.e., without any authentication),
-    API "users" are currently identified by their origin IP address.
+    Anonymous (i.e., without any authentication) API "users" are currently identified by their origin
+    IP address.
   </p>
 
   <p>
@@ -270,6 +270,29 @@
 X-RateLimit-Limit: 60
 X-RateLimit-Remaining: 54
 X-RateLimit-Reset: 1485794532</code></pre>
+
+  <h4 id="authentication">Authentication</h4>
+  <p>
+    It is possible to perform authenticated requests to the Web API through the use of a bearer token
+    sent in HTTP Authorization headers.
+    <br/>
+    To obtain such a token, an account to the
+    <a href="{% url 'oidc-login' %}">Software Heritage Authentication service</a> must be created.
+    <br/>
+    To generate and manage bearer tokens, a dedicated interface is available on the
+    <a href="{% url 'oidc-profile' %}#tokens">user profile page</a> once logged in.
+  </p>
+  <p>
+    The following shows how to perform an authenticated request to the Web API using <code>curl</code>.
+    <pre>curl -H "Authorization: Bearer ${TOKEN}" {{ site_base_url }}api/...</pre>
+  </p>
+  <p>
+    Authenticated requests can be used to lift rate limiting if the user account has the adequate
+    permission.
+    If you are in such a need, please <a href="https://www.softwareheritage.org/contact/">contact us</a>
+    and we will review your request.
+  </p>
+
 </div>
 <script>
   swh.webapp.initPage('api');