API tokens are used to authenticate requests to the Okta APIs. API tokens inherit the API access of the user who creates them, so we recommend that you create a service account user with only the permission levels that you need for the token to perform the API tasks that you require.
You can now interact with Okta APIs using scoped OAuth 2.0 access tokens for a number of Okta endpoints. Each access token enables the bearer to perform specific actions on specific Okta endpoints, with that ability controlled by which scopes the access token contains. For more information, see the OAuth for Okta guide.