Skip to content

Allow scoped tokens with rights for multiple projects #6292

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
ronaldoussoren opened this issue Jul 29, 2019 · 5 comments · May be fixed by #6373
Open

Allow scoped tokens with rights for multiple projects #6292

ronaldoussoren opened this issue Jul 29, 2019 · 5 comments · May be fixed by #6373
Labels
feature request tokens Issues relating to API tokens

Comments

@ronaldoussoren
Copy link

What's the problem this feature will solve?
I have a project (PyObjC) that generates multiple PyPI distributions/projects from a single source base. This is both for historical reasons and because a single repo makes development easier.

API tokens are currently suboptimal for this, I need to create either:

  • A user-scoped token for my normal user
  • A user-scoped token for a new user with limited rights
  • Multiple project-scoped tokens

Describe the solution you'd like
It would be nice if it were possible to create a project-scoped token that's scoped to multiple projects.

Additional context
See above.

Note that this should IMHO have low priority, the work around with a new user with limited rights is workable for me.
@di di added feature request tokens Issues relating to API tokens labels Jul 29, 2019
@woodruffw
Copy link
Member

This is actually supported on the backend (see V1Caveat.verify_projects); we just don't expose it via the token creation form yet. Would be relatively easy to implement.

@Sterbic
Copy link
Contributor

Sterbic commented Aug 5, 2019

Looking into this for the PyCon AU sprints

@di
Copy link
Member

di commented Aug 5, 2019

We may need to think a bit about what the UI would look like here before trying to implement this. The current UI (just a select box) would not easily support this.

@Sterbic Sterbic linked a pull request Aug 6, 2019 that will close this issue
Open
@Sterbic
Copy link
Contributor

Sterbic commented Aug 6, 2019

I went with the simplest possible multi selector in #6373 but happy to look at other solutions as well.

@Julian Julian mentioned this issue Mar 17, 2023
Closed
@ronaldoussoren ronaldoussoren mentioned this issue Jun 5, 2023
Closed
@woodruffw
Copy link
Member

Triage: this is covered transitively via Trusted Publishing, i.e. configuring the same Trusted Publisher for multiple projects.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature request tokens Issues relating to API tokens
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Multi project token Sterbic/warehouse
4 participants
@di @ronaldoussoren @Sterbic @woodruffw