Add GET /personal_access_tokens to service_accounts API

Hakeem Abdul-Razakrequested to merge
526924-add_endpoint_to_list_tlg_service_account_pats into master

Related to #526924 (closed)

What does this MR do and why?

  • Adds a GET /groups/:id/service_accounts/:user_id/personal_access_tokens endpoint to the Group Service Accounts API
  • Adds documentation
  • Adds sufficient test coverage for PAT filtration and sorting

How to set up and validate locally

Easier to test with POSTMAN

  1. As a top-level group owner, make a PAT or grAT with at least an owner role in the group, with an API scope.
  2. Create a service account in your group
  3. Create a few personal access tokens with a service account
  4. Make note of your group_id and service_account_id
  5. Make a request to:
curl --header "PRIVATE-TOKEN: <token>" "https://gdk.test:3443/api/v4/groups/<group_id>/service_accounts/<service_account_id>/personal_access_tokens"
  1. Play around with filters or sorting

created_before

curl --header "PRIVATE-TOKEN: <token>" "https://gdk.test:3443/api/v4/groups/<group_id>/service_accounts/<service_account_id>/personal_access_tokens?created_before=2025-01-21"

sort

curl --header "PRIVATE-TOKEN: <token>" "https://gdk.test:3443/api/v4/groups/<group_id>/service_accounts/<service_account_id>/personal_access_tokens?sort=id_desc"

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Hakeem Abdul-Razak

Merge request reports