Starting with VMware Cloud Director 10.3.1, you can generate and issue API access tokens. Administrators with the Manage all users' API tokens right can view and revoke the access tokens of the other tenant users in the organization.

Access tokens are artifacts that client applications use to make API requests on behalf of a user. Applications need access tokens for authentication. When an access token expires, to obtain access tokens, applications can use API tokens. API tokens do not expire.

For more information about generating and issuing API access tokens, see Generate an API Access Token.


Verify that you have the Manage all users' API tokens right.


  1. In the top navigation bar, click Administration.
  2. In the left panel under Access Control, click Users.
  3. To view the tokens of other users in your organization, select the name of a user and select the Access Tokens tab.
  4. (Optional) Click the vertical ellipsis next to a token and click Revoke.