Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Administrate API token activity

Varvara
Varvara
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
April 14, 2026

Hello, everyone!

I have a question. There are several ways to create different tokens. And I’m interested in a moment, I have users on the test account and they created user tokens. As an administrator, I wanted to see information about the Insights-> Api tokens activity. But I don’t see anything, not even the administrative token that I issued myself. User accounts aren’t managed. I have all the products in a free trial and all the premium. I would appreciate it if someone could bring this up and also wanted to clarify how to block the ability for users to create personal tokens, and how to issue them as an admin. Thank you!

Answer
Watch
Like Be the first to like this
48 views

3 answers

0 votes
Amal Johnson
Amal Johnson
April 14, 2026

Hello @Varvara ,

If you're already in cloud environment, in the admin portal under Security --> user security, you have option to create "Authentication" policies where you can set restrictions on Token creation for local directory users or managed account users. 

Reply
0 votes
Ugnius Aušra
Ugnius Aušra
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Champions.
Get recognized
April 14, 2026

Hey @Varvara 

First of all, you can't see activity of unmanaged user accounts, outside your organization.

If you are organization admin, yes you can still track what those users are doing in your organization.

Second, for such a insights there's App called - Atlassian Guard.

Org admin, can't create token for user and block them from creating.

You can revoke access, if those accounts are managed, but no more.

Also all my experience is from Atlassian Cloud, so if you are working on Data Center, it can be different.

Reply
0 votes
Arkadiusz Wroblewski
Arkadiusz Wroblewski
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Champions.
Get recognized
April 14, 2026

Hello @Varvara 

Insights → API token activity only shows tokens for managed accounts. Since your users are not managed, their personal API tokens will not appear there. It also does not cover every other token type, such as org admin API keys or service account tokens.

Also, admins cannot create a personal API token for another user. Those have to be created by the users themselves.

For external users, there is a separate API token access control, but that is about whether their tokens can access your apps, not about centrally managing their personal tokens.

https://support.atlassian.com/security-and-access-policies/docs/available-external-user-security-settings/ 

Reply

Suggest an answer

Log in or Sign up to answer
Atlassian logo
Atlassian Account
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2026 Atlassian
    Privacy Policy Notice at Collection Terms Security