Why are API tokens per user?

Does anyone know why API tokens are generated per user rather than per project?

The only place I can see to generate them is https://sentry.io/settings/account/api/auth-tokens/ but this is a user-level setting, meaning other users in my organisation don’t see the same tokens that I do.

3 Likes

Came here to ask the same question.

Had the same question and I reached out support, this is the answer I got:

Sentry’s Integration Platform was launched about a year and a half ago and is the recommended way to create an org-wide token for the sentry-cli and similar tools so they are not user-specific. You can create one in the Developer Settings under Internal Integrations and select the desired auth levels - for releases that is typically Release:Admin and Org:Read . Anyone can use the tokens as they act as their own entity in Sentry instead of acting on behalf of the user that created them. However, a user can only create a token with scopes available within their membership role.

Hope this is helpful to anyone coming across the same problem