Admin Token API: Pipeline trigger tokens

Proposal

The Admin Token API allows getting information about arbitrary tokens. It can be used e.g. in the context of leaked tokens, to identify what a token does.

It currently lacks support for Pipeline trigger tokens for identification, as well as revocation. See the current implementation status.

POST /api/v4/admin/token

Should return information about the trigger:

{
	"id": 1,
	"token": "glptt-abcxyz",
	"description": "example",
	"created_at": "2024-11-27T14:18:29.113Z",
	"updated_at": "2024-11-27T14:18:29.113Z",
	"last_used": null,
	"owner": {
		...
	}
}

References

• &15777
• #443597 (closed)

Implementation

• Support for identification
• Support for revocation