Display verification token on streaming audit event destination screen

Release notes

Problem to solve

Users today use the verificationToken value in our API to confirm that the audit events being sent from GitLab are valid and not from an alternate source impersonating GitLab. However, this value is only available through the API. If a user wants to use the UI, they can't see this token and must rely on the API. This introduces an extra step and reduces the value of the UI.

Proposal

Add the verification token to the streaming audit events UI.

Design

Attached designs are the end-vision, the below design is for this issue

Implementation plan

frontend - 2️⃣

Add verificationToken to retrieval GraphQL query
Add a <code></code> block with the verification token and tooltip to the stream item
- Make sure the code block has a tab index for keyboard users
Update specs
Update https://docs.gitlab.com/ee/administration/audit_event_streaming.html#verify-event-authenticity to note that you can find the verificationToken via the UI

Intended users

Cameron (Compliance Manager)

This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.

Edited May 24, 2022 by Robert Hunt