As an admin we used to be able to delete a user's self-generated or tool approved access tokens via masquerading.
That no longer works.
Is there a way to do this via API or some other way??
You could add another login to the account and use it. How do I manage a user's login information in an account? I would generally not do this except under extraordinary circumstances.