Don't expose a user's private token in the `/api/v3/user` API
Why was this MR needed?
A user's private token is being leaked in the /api/v3/user API.
What are the relevant issue numbers?
- Closes #20911
Does this MR meet the acceptance criteria?
-
#20911 !6047 (merged) Application-Specific Tokens Are Insecure -
Implementation -
Test -
CHANGELOG -
Make sure build is green -
Assign to endboss -
Wait for merge
-
Edited by 🤖 GitLab Bot 🤖