Mechanism to regenerate an API token #12765
Labels
blocked
Issues we can't or shouldn't get to yet
feature request
tokens
Issues relating to API tokens
Comments
PeterJCLaw
added
feature request
requires triaging
di
added
tokens
|
As a subcomponent of this: now that OIDC publishing is in beta, it might make sense to expose an API endpoint for invalidating API tokens: a user (or automation) could That wouldn't address the second half of this (regeneration), but it would help with the first half (letting people bulk invalidate tokens after a CI breach). |
|
Blocked on #13409. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What's the problem this feature will solve?
When rotating API tokens it is currently somewhat laborious to remove the old token and re-create it with a new one with the same scope(s).
Describe the solution you'd like
It would be great if there was a button in the UI, perhaps in the dropdown which currently hosts the option to delete a token, to regenerate the token. Doing so would be a single operation that removes the old token and creates a new one with the same scopes.
Additional context
https://circleci.com/blog/january-4-2023-security-alert/ means I imagine quite a few tokens are going to be rotate this week. (Not that that would be a good reason to rush this though!)
The text was updated successfully, but these errors were encountered: