Service access token alternative

We have a web application deployed and protected behind cloudflare and Okta SSO.
Users are now able to login and view the app just fine.
The issue is we also need to allow users to send API requests to the app from their local machines.
I am trying to generate a service access token to be shared among team members but our concern is security, cause we will be sharing a long live secret between users and stored on their local machine.
Is there a better alternative to service access token ? Like somehow allow users to get their own tokens and use it to authenticate with the app.