Feature Proposal: Instance-level controls for RSS tokens
Problem to solve
GitLab enables users to view information such as group activity and issues using RSS feeds. By clicking the RSS feed button, the user receives a URL that includes a token, which can be added to their RSS reader. Anyone who is able to obtain that token from an authenticated user, for example through social engineering, has ongoing access to the feed data without any additional authentication. It may not be clear to users that giving the RSS URL to another person is equivalent to sharing their username and password.
RSS tokens are somewhat similar to personal access tokens, but for personal access tokens we have tools in place that allow administrators to control and monitor their use. We should add instance-level controls for RSS tokens as well.
Intended users
User experience goal
An administrator should be able to either disable all RSS feeds or apply limits to RSS tokens that are consistent with the policies and required security controls of their organization (e.g. credential lifetime restrictions or 2FA requirements).
Proposal
MVC
- Provide an instance-level option for administrators to disable all RSS feeds.
Some initial thoughts on other functionality:
- Provide an instance-level option to specify the maximum allowable lifetime for RSS tokens.
- Add RSS tokens to the credentials screen.
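To make the proposed controls concrete, here is an added example (not GitLab code) of how a feed request could be authorized against two hypothetical instance settings, `rss_feeds_enabled` and `rss_token_max_lifetime_days`; the setting names, the `FeedToken` struct and the sample token value are assumptions for illustration.

```ruby
require 'time'

# Hypothetical instance-level settings for this proposal (assumed names, not GitLab's).
# A nil max lifetime means "no limit", which matches today's never-expiring feed tokens.
InstanceSettings = Struct.new(:rss_feeds_enabled, :rss_token_max_lifetime_days, keyword_init: true)

# A user's feed token together with the time it was issued (constructed sample data).
FeedToken = Struct.new(:value, :issued_at, keyword_init: true)

# Constant-time comparison so a mismatch does not leak how many leading bytes matched.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Expiry derived from the instance-wide maximum lifetime; nil when no limit is configured.
# This is also the value a credentials screen would show next to each RSS token.
def token_expires_at(token, settings)
  days = settings.rss_token_max_lifetime_days
  days && token.issued_at + days * 24 * 60 * 60
end

# Decide whether a feed request presenting `presented` should be served.
# Returns :ok, or a symbol naming the instance policy that rejected the request.
def authorize_feed_request(presented, token, settings, now: Time.now.utc)
  return :feeds_disabled unless settings.rss_feeds_enabled
  return :invalid_token unless secure_compare(presented, token.value)

  expires_at = token_expires_at(token, settings)
  return :token_expired if expires_at && now >= expires_at

  :ok
end

if __FILE__ == $PROGRAM_NAME
  token = FeedToken.new(value: 'glft-EXAMPLE', issued_at: Time.utc(2024, 1, 1))
  strict = InstanceSettings.new(rss_feeds_enabled: true, rss_token_max_lifetime_days: 30)
  puts authorize_feed_request('glft-EXAMPLE', token, strict, now: Time.utc(2024, 1, 15)) # :ok
  puts authorize_feed_request('glft-EXAMPLE', token, strict, now: Time.utc(2024, 2, 15)) # :token_expired
end
```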