In Okta, API tokens are generated with the permissions of the user that created the token. If a user’s permissions change, then so do the token’s. Super admins, org admins, and group admins may create tokens.

Additionally, Okta recommends generating API tokens using a service account that won’t be deactivated and with Super Admin permissions that won’t change.

Login to Okta. Click on your Profile in the top right corner, copy the domain (including .okta.com) below your email.

Enter the domain into Merge Link.

Click on Security in the left hand column, and select API from the dropdown. Click Create Token. Enter a name for your token.