The API token you provided should have the option to disable/enable it, And I noticed that the token doesn’t get deactivated(deleted) even after deleting the token which means the token still works even after deleting it which is obviously a security issue as the token is a very crucial thing as the access token can be used to place the order.
so my humble request is to add the option to deactivate and activate the token as well.
kind regards