We need access to the sso_guid. We don't see the "Manage" Permission in our Admin UI when we create a Token, wondering how this can be achieved (also see my other post about our need to update sso_guid via the API). Thanks!
The user who used to create a token (Token makes a call on behalf of specific user) should have "manage" permission in the project. Means, if you are project admin just create an API token on behalf of you.