Remove Private Tokens from GitLab
In 10.0 we announced the deprecation of Private Tokens from GitLab with their removal in 10.2.
Proposal
- Remove Private API Token from
profile/account
- Remove
API::Session
which can be used to get the private token when providing username/password - Remove
UserWithPrivateDetails
entity. - Remove all API/web authentication using
private_token
orauthentication_token
(they're the same thing) - Migrate Private tokens to PATs with the
api
scope, as well as thesudo
scope if the user is an admin (depends on https://gitlab.com/gitlab-org/gitlab-ce/issues/38447)
Edited by Douwe Maan