You can generate and issue API access tokens. VMware Cloud Director administrators with the Manage all users' API tokens right can use the Tenant Portal to view and revoke the access tokens of the other tenant users in the organization.

Access tokens are artifacts that client applications use to make API requests on behalf of a user. Applications need access tokens for authentication. When an access token expires, to obtain access tokens, applications can use API tokens. API tokens do not expire.

For more information about generating and issuing API access tokens, see Generate an API Access Token Using Your VMware Cloud Director Tenant Portal.

When you select a user, on the API Tokens tab you can view and revoke their API tokens.


Verify that you have the Manage all users' API tokens right.


  1. In the top navigation bar, click Administration.
  2. In the left panel under Access Control, click Users.
  3. To view the tokens of other users in your organization, select the name of a user and select the API Tokens tab.
  4. (Optional) Click the vertical ellipsis next to a token and click Revoke.