Admin Token API: Runner Authentication Tokens
Proposal
The Admin Token API allows getting information about arbitrary tokens. It can be used e.g. in the context of leaked tokens, to identify what a token does.
It currently lacks support for Runner Authentication Tokens for identification, as well as revocation. See the current implementation status.
POST /api/v4/admin/tokenShould return information about the runner that the token is associated with:
{
"id": 32,
"description": "test",
"ip_address": null,
"active": true,
"paused": false,
"is_shared": true,
"runner_type": "instance_type",
"name": null,
"online": null,
"status": "never_contacted"
}References
Implementation
- Support for identification
- Support for revocation
Edited by Nicholas Wittstruck