Skip to content

GitLab Next

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
GitLab FOSS
GitLab FOSS
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
    • Locked Files
  • Issues 0
    • Issues 0
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
    • Iterations
  • Merge Requests 0
    • Merge Requests 0
  • Requirements
    • Requirements
    • List
  • Security & Compliance
    • Security & Compliance
    • Dependency List
    • License Compliance
  • Operations
    • Operations
    • Incidents
    • Environments
  • Packages & Registries
    • Packages & Registries
    • Container Registry
  • Analytics
    • Analytics
    • Code Review
    • Insights
    • Issue
    • Repository
    • Value Stream
  • Snippets
    • Snippets
  • Members
    • Members
  • Collapse sidebar
  • Activity
  • Graph
  • Create a new issue
  • Commits
  • Issue Boards
  • GitLab.org
  • GitLab FOSSGitLab FOSS
  • Merge Requests
  • !14838

Merged
Opened Oct 12, 2017 by Douwe Maan@DouweMDeveloper12 of 12 tasks completed12/12 tasks

Remove Private Tokens

  • Overview 31
  • Commits 15
  • Pipelines 14
  • Changes 60

To do:

  • Remove Private API Token from profile/account
  • Remove API::Session which can be used to get the private token when providing username/password
  • Remove UserWithPrivateDetails entity.
  • Remove all API/web authentication using private_token or authentication_token (they're the same thing)
  • Sudo scope (lib/api/helpers.rb:432)
  • Migrate Private tokens to PATs with the api scope, as well as the sudo scope if the user is an admin (depends on https://gitlab.com/gitlab-org/gitlab-ce/issues/38447)
  • Remove users.authentication_token
  • Update API docs (doc/api/README.md, doc/user/profile/personal_access_tokens.md)
  • Move RSS and incoming email tokens to Access Tokens (app/views/profiles/accounts/show.html.haml)
  • Fix specs
  • Add new specs
  • Add changelog item

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/38595 and https://gitlab.com/gitlab-org/gitlab-ce/issues/38447

Edited Nov 02, 2017 by Douwe Maan
Assignee
Assign to
Reviewer
Request review from
10.2
Milestone
10.2 (Past due)
Assign milestone
Time tracking
Reference: gitlab-org/gitlab-foss!14838
Source branch: dm-remove-private-token

Revert this merge request

This will create a new commit in order to revert the existing changes.

Switch branch
Cancel
A new branch will be created in your fork and a new merge request will be started.

Cherry-pick this merge request

Switch branch
Cancel
A new branch will be created in your fork and a new merge request will be started.