Remove revoked tokens from the Cluster Agent Tokens API endpoints (REST and GraphQL)
This came up from these discussions:
Summary
Currently, the Cluster Agents API -> Agent Tokens endpoints return the revoked tokens on GET requests.
We (~"group::configure") came to the agreement that for the next major milestone (16), revoked tokens should not be shown/included in the APIs (REST and GraphQL) and the UI.
The UI already does not show the revoked tokens, but the APIs should be updated.
- REST API
- List tokens - documentation | code
- Get a single token - documentation | code
- GraphQL
-
ClusterAgent.tokens
- documentation | code
-
Deprecate first
Before implementing this change, make sure that the deprecation steps have been followed. See #382129 (closed)
Affected Topology
This affects self-managed and SaaS users
Affected Tier
Free
Edited by Pam Artiaga