Unless you are using an API endpoint that requires these permissions, we recommend you avoid generating API tokens with them without explicit thought as they provide access which can pose a higher risk if misused:

Permission Tab (uiv4)Permission NamePermission Value
SettingsAccount InformationManage
SettingsSecurityManage
SettingsUser AccessManage
SettingsUser ProfileManage
ModulesAll Installed ModulesManage
ModulesAllow management of Access Groups* Enabled
ResourcesAll Devices*Manage
ResourcesAll Devices*Remote Session
ResourcesCollectorsManage
ResourcesCollectorsRemote Session


*We recommend scoping your Resource access rather than providing access to All Devices.