[BE] New GraphQL query to fetch list of all created personal access tokens

We need a GraphQL query to fetch a list of all created personal access tokens for a user, both broad-access and fine-grained.

UX Figma view the data will be for

Proposed query:

query {
  user(id: "gid://gitlab/User/1") {
    id
    personalAccessTokens(sort: "EXPIRATION_DESC") {
      nodes {
        id
        name
        revoked
        createdAt
        description
        scopes {
          ... on AccessTokenLegacyScope {
            value
          }
          ... on AccessTokenGranularScope {
            access
            namespace {
              id
            }
            permissions {
              name
            }
          }
        }
        lastUsedAt
        active
        expiresAt
        lastUsedIps
      }
    }
  }
}

Several notes:

In the UI, personal access tokens are sorted and paged, so we need both the broad and fine-grained tokens back in the same query.
scopes returns a JSON string because for broad tokens it's an array of strings, but for fine-grained it's an array of objects.

Edited Nov 26, 2025 by Hinam Mehra