This document provides instructions for auditing API token violations, such as expiration-date violations, and describes the actions organization owners can take on API tokens.
The steps below can be performed by an organization owner.
1) Log in to VMware Cloud Services at https://console.cloud.vmware.com and select the appropriate organization.
2) Enable Identity and Access Governance by clicking the "link identity provider" pop-up.
3) Link the IDP and get started with Governance.
4) After linking the IDP, you will see a "Governance" tab added to VMware Cloud Services.
5) The organization owner can check the expiration of API tokens by setting the API TTL policy.
For instance, the org owner will get HIGH severity alerts if the time since an API token's creation date (TTL) exceeds 30 days.
6) The owner can list all the violations under the "Governance" tab.
If you expand "token-1", you will see its creation date and time, as well as who created the token.
7) To ignore a specific violation on the violations dashboard, select the token and click "ignore". From then on, the system will not show the ignored violation.
After you ignore a violation, it no longer appears as an active violation unless you enable the "show all" option.
8) To reactivate a violation so that it appears on the violations dashboard again, select the token and click the "activate" button.
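The behaviour described in steps 5 to 8, modelled offline as an added example (this is not VMware code and does not call the Cloud Services API). It applies the 30-day TTL and HIGH severity from step 5 to a constructed token inventory; the names `Token`, `violations` and `set_ignored`, and all token names, owners and dates, are hypothetical.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

TTL = timedelta(days=30)   # TTL policy value from step 5
SEVERITY = "HIGH"          # severity raised when the TTL is exceeded

@dataclass
class Token:
    name: str
    created_by: str
    created_at: datetime
    ignored: bool = False  # set by "ignore", cleared by "activate"

def violations(tokens, now, show_all=False):
    """List tokens older than TTL as (name, creator, age_days, severity, state)."""
    rows = []
    for t in tokens:
        age = now - t.created_at
        if age <= TTL:
            continue  # exactly 30 days old does not exceed the policy
        if t.ignored and not show_all:
            continue  # ignored violations are hidden unless "show all" is on
        state = "ignored" if t.ignored else "active"
        rows.append((t.name, t.created_by, age.days, SEVERITY, state))
    return sorted(rows, key=lambda r: r[2], reverse=True)  # oldest first

def set_ignored(tokens, name, ignored):
    """Model the "ignore" (True) and "activate" (False) buttons for one token."""
    for t in tokens:
        if t.name == name:
            t.ignored = ignored
            return True
    return False

# Constructed sample inventory and a fixed audit time so results are repeatable.
UTC = timezone.utc
NOW = datetime(2024, 3, 1, tzinfo=UTC)
TOKENS = [
    Token("token-1", "alice@example.com", datetime(2024, 1, 1, tzinfo=UTC)),
    Token("token-2", "alice@example.com", datetime(2024, 2, 20, tzinfo=UTC)),
    Token("token-3", "bob@example.com", datetime(2024, 1, 31, tzinfo=UTC)),
    Token("token-4", "bob@example.com", datetime(2023, 12, 1, tzinfo=UTC)),
]

if __name__ == "__main__":
    set_ignored(TOKENS, "token-1", True)
    for row in violations(TOKENS, NOW, show_all=True):
        print(*row, sep="\t")
```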