I'm currently making an API and wanted to know if the API user has to send the token every time they make a request. I'm using Flask_JWT_Extended to handle authentication with the API. The token gets send in the header.
Yes, that's one of the consequences of the REST "stateless" constraint.
each request from client to server must contain all of the information necessary to understand the request -- Fielding 2000