Cannot use SUDO in API requests when authenticated with PAT
Summary
As mentioned in the release notes for Gitlab 10.0, using Private Token as a way to authenticate against the API is being deprecated and will be removed in GitLab 10.2.
I am therefore changing my code to use a Personal Access Token (PAT) with API scope instead. I am able to connect to the API, but requests that use the SUDO feature fails with this message:
403 Forbidden - Private token must be specified in order to use sudo
To be clear, the PAT is created under an admin user (root).
How is Sudo supposed to be used now that private tokens are a thing of the past? Is there a particular reason why a PAT (for an admin account) cannot be used?
I know that we now have impersonation tokens which perhaps could be used instead, but I assume many users rely on the Sudo functionality already and creating basically "one-off" impersonation tokens for each user seems wrong.
Steps to reproduce
Authenticate to the API using the PAT of an admin account. Now try to send a request that uses Sudo.
Example Project
Not related to projects
What is the current bug behavior?
The request fails with a 403 Forbidden error
What is the expected correct behavior?
The request is successfull if the user behind the PAT is an admin.
Results of GitLab environment info
Gitlab 10.0.1.