Provide an API endpoint to allow PATs to be revoked by value
Currently we allow PATs to be only revoked via the API when you happen to know the ID of the PAT. If an account has multiple PATs it might not always be clear which PAT is the one which needs to be revoked with the current API output.
In order to quickly revoke PATs in case of a leak it would be a great addition to have an endpoint like DELETE api/v4/personal_access_tokens/self
which would revoke the PAT used in the request.