Return token string value instead of object

Eugie Limpinrequested to merge
el-update-create-pat-mutation-result into master

What does this MR do and why?

Change personalAccessTokenCreate mutation to return the actual token string value rather than the token object. This provides the raw token value needed by clients for authentication.

References

[BE] Config: New graphql mutation to create fin... (#572947).

Screenshots or screen recordings

Screenshot_2025-12-15_at_12.32.47_PM

How to set up and validate locally

  1. Enable granular_personal_access_tokens feature flag
  2. Login any user
  3. Go to http://localhost:3000/-/graphql-explorer and execute the following mutation 
    mutation {
  personalAccessTokenCreate(input: { name: "My token 2", description: "desc", granularScopes: [{ permissions:["retry_job"], access: USER }] }) {
    token
    errors
  }
}
  4. Verify token string value is present

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Eugie Limpin

Merge request reports