Learn about security solutions and standards
Care about security? We do too. Learn what Atlassian does and what you can do too.
You can either block or allow API token access for external users to your organization.
By default, your organization's API token access is set to allow. This means external users can make API calls with an API token to access products in your organization.
When you block API token access for external users, they are unable to use API tokens to access products through a product API, even if they previously used a token to access them.
When an external user makes a call to a product API, we let them know an admin blocked the token and to contact them to understand why.
To block API token access:
Go to admin.atlassian.com and select your organization if you have more than one.
Select Security > External users.
Choose API token access for external users.
Select Block.
Click Update to save your changes.
To allow API token access:
Go to admin.atlassian.com and select your organization if you have more than one.
Click on Security > External users.
Choose API token access for external users.
Select Allow.
Click Update to save your changes.
Was this helpful?