In Profile or Permission Set or Permission Set Group, under the Administrative section check the checkbox “Api Only User”.

API Only specifies that the user can only log in through the API. This prevents the user from being used for any purpose other than integration scenarios.

User cannot login through the Salesforce standard or custom UI. It can only create a session through the Salesforce API.

Salesforce API Only User doesn’t have the ability to reset their security token.

To reset the password:
Option 1:

1. Go to Session Settings in Salesforce Setup.
2. Disable “Require identity verification for email address changes”.
3. Change the Email of the API Only User.
4. Verify the Email.
5. Enable “Require identity verification for email address changes”.

Option 2:

1. Edit the API Only User.
2. Update the Email.
3. Check “Generate new password and notify user immediately”.
4. Click the Save button.
5. Set a new password. The email will be changed too.