Make credential inventory GA on gitlab.com with Personal access tokens only

Problem to solve

We released the credential inventory in 12.6 and have released several related credential management features, such as PAT expiration and list and revoke PATs via API; however, these features are largely available only for self-managed customers leaving GitLab.com customers in a painful spot for credential management.

Intended users

Cameron (Compliance Manager)
Sidney (Systems Administrator)

User experience goal

Proposal

The credential inventory will need logic to support a GitLab.com implementation. We should:

Ensure it is built on top of the Enterprise Users concept
Ensure only Project Access Tokens and group-scoped tokens scoped to the group are populated in this inventory

Further details

This issue likely needs to be broken down into several smaller issues.

Permissions and Security

Add expected impact to Owner (50) members

Edited Jul 21, 2024 by Hannah Sutor