Non-expire option for Granular Access Token #849

felixle236 · 2023-01-13T02:44:59Z

felixle236
Jan 13, 2023

I have more than 20 private packages and I want to manage the permission for access tokens. So "Granular Access Token" is very useful for us, but we can set the expiration time from 1-356 days, I want to suggest another option as "non-expire", I think it's very important and suitable for this feature.

Thanks

Answered by monishcm

Mar 9, 2023

Thanks for the feedback. We are working on new features to overcome this issue.

View full answer

actuallymentor · 2023-03-08T08:50:06Z

actuallymentor
Mar 8, 2023

I'd like to stress here that for usecases like this the current setup allows these two options:

A token that has eternal access to write everything
A granular token with access to a single package, but CI pipelines will break every year because the token expired

I'm not sure how the max expiry decision was made but this seems like forcing the developer to choose between bad security or bad operations management.

0 replies

monishcm · 2023-03-09T13:33:15Z

monishcm
Mar 9, 2023

Thanks for the feedback. We are working on new features to overcome this issue.

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Non-expire option for Granular Access Token #849

Uh oh!

{{title}}

Uh oh!

Replies: 2 comments

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

Non-expire option for Granular Access Token #849

Uh oh!

felixle236 Jan 13, 2023

Replies: 2 comments

Uh oh!

actuallymentor Mar 8, 2023

Uh oh!

monishcm Mar 9, 2023

felixle236
Jan 13, 2023

actuallymentor
Mar 8, 2023

monishcm
Mar 9, 2023