<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base

Can a Single API Token Be Used for Multiple Tenants

Last Updated:

Administration
Okta Identity Engine
Okta Classic Engine

Overview

This article clarifies whether an API token created in one organization can be used in a different, separate organization.

Applies To

  • API Tokens

Solution

API tokens created in one tenant cannot be used to perform API requests in another tenant. 

  • API tokens are used to authenticate requests to the Okta API.
  • An API token is issued for a specific user and all requests with the token act on behalf of the user.
  • API tokens inherit the privilege level of the admin that created them.
  • For security reasons, the tokens are tied to the user and tenant in which they are created and, therefore, cannot be used to authenticate API requests made on another tenant.


Related References

Recommended content

Still looking for help?
Loading
Okta Support - Can a Single API Token Be Used for Multiple Tenants