<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D51Y00008Mw4TMSAZOkta Classic EngineAdministrationAnswered2026-04-01T09:00:20.000Z2020-04-28T20:29:42.000Z2020-05-04T23:19:22.000Z

susab (susab) asked a question.

April 28, 2020 at 8:29 PM
User (Read only or Report admin) for SIEM/SOC and create an API token

I need to create a Read_Only account and request an API token to provide to our SOC/SIEM. I created the Admin account (under Security - Administrators) and assigned the Reports Administrator role to it. When creating the token for the SOC (read only), do I do that as my Org Admin role, or is there a way to create it as the Read_Only user? I do not see an option to create token under the Read-Only user that I created.

  • 2 answers
  • 1.52K views

  • k5fuw (k5fuw)

    Don't use your own Org Admin account. API tokens always have the same rights as the account used to create them. The Reports Admin role does not have the right to create API tokens. You want to assign it the Read-Only Admin role, and then sign in with it and generate the token. Once you have the token, then go back and remove the Read-Only Admin role (leaving the Reports Admin role intact). The token will now have the same rights as the account - Reports Admin.

    Expand Post
    Selected as Best

  • k5fuw (k5fuw)

    Don't use your own Org Admin account. API tokens always have the same rights as the account used to create them. The Reports Admin role does not have the right to create API tokens. You want to assign it the Read-Only Admin role, and then sign in with it and generate the token. Once you have the token, then go back and remove the Read-Only Admin role (leaving the Reports Admin role intact). The token will now have the same rights as the account - Reports Admin.

    Expand Post
    Selected as Best

  • susab (susab)

    Mike,

    Thank you very much for the prompt response and I was thinking the same as you suggested, but was very uncertain, as I have not created such an account for a SOC in Okta. Your solution did work and I appreciate it. Thank you very much!

    Larry Cortez

This question is closed.
Loading
User (Read only or Report admin) for SIEM/SOC and create an API token