Make group-level PAT expiration enforcement optional
Problem to solve
We released the credential inventory in 12.6
and have released several related credential management features, such as PAT expiration and list and revoke PATs via API; however, these features are largely available only for self-managed customers leaving GitLab.com customers in a painful spot for credential management.
Intended users
User experience goal
A group owner
can toggle Enforce personal access token expiration
to make the programmatic enforcement of PAT expiration optional or not.
Proposal
- Add a toggle to the group settings:
Enforce personal access token expiration
- Default this toggle to
disabled
- This feature should behave in the same way it does for the self-managed implementation
Further details
Permissions and Security
- Add expected impact to Owner (50) members