# Organization Access Tokens

**Organization Access Tokens** authenticate requests to the **Management APIs**.

Use these for administrative work:

- Create and configure Accounts
- Set up and modify Integrations
- Manage Members and access policies
- Configure Integration Points


This token carries broad organizational authority and operates at the management layer.
Treat it like a service account credential: store it securely and never expose it in client code.

## Scope and Authority

Organization Access Tokens grant access to the Management APIs, which control the full lifecycle
of Synqly resources within your Organization. Any operation that creates, modifies, or deletes
Accounts, Integrations, Integration Points, or Members requires this token.

| API | Token required | Used for |
|  --- | --- | --- |
| Management APIs | Organization Access Token | Create and configure Synqly resources |
| Connector APIs | Integration Access Token | Interact with external providers |


## Why Two Token Types?

**Separation of authority.** Without this separation, a runtime integration could gain
administrative access, and provider-facing operations could modify organization-level resources.
Synqly enforces least privilege by design: management authority and operational execution are
always isolated.

Use Organization Access Tokens only where administrative operations are required. For runtime
provider interactions, use Integration Access Tokens instead.