What Happens to the API Token if the User's Password Expires
Okta Classic Engine
Okta Identity Engine
Administration
Overview

API tokens are used to authenticate requests to the Okta API. An API token is issued for a specific user and all requests with the token act on behalf of the user. API tokens are secrets and should be treated like passwords.

API tokens are generated with the permissions of the user that created the token. If the user's permissions change, the token's permissions change with them. Super admins, org admins, group admins, group membership admins, and read-only admins may create tokens.

Applies To
  • API Token
  • Password Policy
Solution

The API token does not expire when the user's password expires. As long as the Okta user account that created the token is not deactivated or deleted, the API token is not affected. The next time the user signs in to Okta, they will be asked to set a new password.
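
An audit sketch for the behavior described above, added here as an example and not Okta's own code: it joins API token records to the status of the user who created them, so tokens that remain usable after the owner's password expired stand out. The records are constructed, and the field names (`id`, `name`, `userId`, `status`, a flattened `login`) and status values are assumptions modeled on Okta's token and user objects.

```python
# Added example. Records are constructed; field names and status values are
# assumptions modeled on Okta's API token and user objects.
TOKENS = [
    {"id": "tok-1", "name": "hr-sync", "userId": "u-1"},
    {"id": "tok-2", "name": "siem-export", "userId": "u-2"},
    {"id": "tok-3", "name": "legacy-script", "userId": "u-3"},
    {"id": "tok-4", "name": "old-migration", "userId": "u-9"},  # owner no longer exists
]
USERS = [
    {"id": "u-1", "status": "ACTIVE", "login": "admin.a@example.com"},
    {"id": "u-2", "status": "PASSWORD_EXPIRED", "login": "admin.b@example.com"},
    {"id": "u-3", "status": "DEPROVISIONED", "login": "admin.c@example.com"},
]

# Verdict per owner state, following the article: only deactivation or deletion
# of the creating user affects the token; password expiry does not.
VERDICTS = {
    "ACTIVE": "usable",
    "PASSWORD_EXPIRED": "usable-despite-expired-password",
    "DEPROVISIONED": "affected-owner-deactivated",
}


def classify_tokens(tokens, users):
    """Join each token to its owner and return (name, login, verdict) tuples."""
    owners = {u["id"]: u for u in users}
    findings = []
    for tok in tokens:
        owner = owners.get(tok["userId"])
        if owner is None:
            findings.append((tok["name"], None, "affected-owner-deleted"))
            continue
        # Statuses the article does not discuss are reported, not guessed.
        verdict = VERDICTS.get(owner["status"], "unclassified-" + owner["status"])
        findings.append((tok["name"], owner["login"], verdict))
    return findings


def tokens_to_review(findings):
    """Names of tokens whose owner's password has expired but which still work."""
    return [n for n, _, v in findings if v == "usable-despite-expired-password"]


if __name__ == "__main__":
    results = classify_tokens(TOKENS, USERS)
    for row in results:
        print(row)
    print("review:", tokens_to_review(results))
```
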
 
