Create new project access tokens with a unique prefix

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

Overview

Project access tokens are generated with the same alphanumeric schema as personal access tokens.

Since they look the same, this makes them hard to tell apart in code. If a developer is using a token to authenticate, they may get the project access token confused with a personal access token and accidentally authenticate through the wrong credential. If the request succeeds, the developer may not realize this until later.

Proposal

• When a project access token is generated, create it with a unique prefix.
  • Example: project-m3uJjvS2Tv6pktfsWZi8

We shouldn't break existing tokens, this should only apply to newly generated tokens.