A particular administrator can be the Account Manager for one organization only and can generate API token for the same account not for any other.
In Endpoint Protection (SEP) Mobile console, it is not possible to create a different set of policies or groups. So multiple environments are created with a "different set of policies".
All these environments are managed by the same administrator account.
As per the current product design, they cannot generate API tokens for each of the environments using the same administrator account.
It is working as designed.
There is a Product enhancement request raised to overcome this drawback. This article will be updated once the feature is deployed.