Let’s look at the key features of Management Token:
Stack-level token; not a user-specific token
An important thing to know about Management Token is that it is not a user-specific token. It’ a stack-level token, and can be used to make authorized CMA by anyone who has access to it.
Provides access control
While creating management tokens, you can define if this token can be used to perform just READ activities, or both READ and WRITE.
Provision to set expiry
You can define if the token should have a specific expiry (i.e., expire on a specific date) or not expire at all.
Owner/admins can create
Only the stack owner or admins can create a management token.
Maximum 10 active management tokens can be live in a stack. Management tokens cannot be used to invite or remove users or add approval-related publish rules. Read more about its limitations.