Oauth 2.0 Tokens vs API Tokens

Hello, I am beginner in Okta and I just started reading the docs.
I’d like to ask what is the use case (best practice) to use api tokens or oauth 2.0 tokens (e.g. client credentials flow)?

I am building a middleware web-service.

Hey There! we recommend using jwt (oauth) wherever possible - Most Okta endpoints support OAuth. Here’s a guide that goes over OAuth for Okta, which is sounds like you might be interested in. Some more on JWTs in general can be found here.

1 Like