A pop-up survey could appear while you're here--curious what it's for? Click here to learn more!

×
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Can we turn off use created API Token creation but still use ones created by a service account?

Christopher Johnston
Christopher Johnston
Contributor
September 16, 2025

As the title explains, we want a chance to vet the API Tokens being used in our environment. As such, we want to update the authentication policy to turn off user created tokens. However, we have a service account that all of the admins have access to so that we can create on behalf of others (and thus vet the requests.)

The only option I see in the settings states "Determine whether members can access products with a user API token" Allow or Block.

Any insight into what happens when we choose Block? Does it just go away from the Account Settings / Security page for users? Or does it stop all API Tokens from working?

 

Answer
Watch
Like Be the first to like this
79 views

2 answers

1 accepted

0 votes
Answer accepted
Mikael Sandberg
Mikael Sandberg
Community Champion
September 16, 2025

You can do this by setting up a new Authentication policy and set it to allow API token access and add your service accounts as members of the policy. Once that is done change the default one to block API token access to prevent users from creating tokens.

View More Comments
Christopher Johnston
Christopher Johnston
Contributor
September 16, 2025

Brilliant. This does should do the trick.

Like Mikael Sandberg likes this
Reply
0 votes
Matteo Vecchiato
Matteo Vecchiato
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 16, 2025

Hi @Christopher Johnston ,

The authentication policy applies to member selected inside it, the service account should not be involved in the users authentication policies.

Regards 

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
ENTERPRISE
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security