Create public endpoints for Instance, Group, and User Application secret rotation
Release notes
Problem to solve
Many large customers have requirements around periodic token rotation for all (Instance, User, and Group) Applications. Browsing in the web UI to each application and clicking "Renew Secret" does not scale will for hundreds of applications.
Proposal
The feature request proposes to expose public endpoints for the Application API using the recent community contribution to rotate OAuth tokens.
The Application API currently covers list
, add
, and delete
endpoints. The feature would extend the functionality to include an OAuth token rotation endpoint rotateToken
("Renew Secret" in the UI) for Instance/Group/User Apps for customers on Self-managed instances.
Intended users
Feature Usage Metrics
Does this feature require an audit event?
This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.