title	description	updated_date
Okta API	How to create an Okta API token for accessing audit logs and user data.	2025-10-24T16:45:21Z

What we need

[] API Token [] Okta domain (e.g., your-domain.okta.com)

Follow these steps to create an Okta API token that can be used as a bearer token:

Creating an Okta API Token

Log in to your Okta Admin Dashboard
- Navigate to your Okta Admin Dashboard (typically https://your-domain-admin.okta.com).
- Sign in with an administrator account that has sufficient permissions.
Access the API section
- In the Admin Dashboard, navigate to Security > API.
- Select the Tokens tab.
Create a new token
- Click the Create Token button.
- Enter a meaningful name for your token (e.g., “Audit Logs Access”).
- Click Create Token.
Copy and secure your token
- Once created, your token will be displayed only once.
- Copy the token immediately and store it securely.
- This token cannot be viewed again after you navigate away from this page.
Set token expiration (Optional)
- By default, Okta API tokens do not expire.
- For enhanced security, consider setting an expiration date in your organization’s token settings.

You can use this token in API requests by setting:

Authorization: SSWS YOUR_API_TOKEN_HERE

Note: Okta uses the SSWS (Secure, Single-Workload Service) prefix before the token, not the standard Bearer prefix.

To access Okta audit logs and user data, ensure your administrator account has the following permissions:

Read-Only Administrator role or custom role with:
- View System Log permission
- Read-Only access to Reports

Read-Only Administrator role or custom role with:
- Read-Only access to Users
- Read-Only access to User Profile

Common endpoints you can access with this token:

GET https://your-domain.okta.com/api/v1/logs

GET https://your-domain.okta.com/api/v1/users

For more detailed information, refer to the Okta API Reference.