Token creation should allow 'no expiration' #1618
Comments
|
I am no a security expert but I think could create some issues. why would you need a token with no expiration? |
Automations (like GitHub Actions). I'm currently working on the PR preview plans feature via GitHub Actions (but any other API feature could fit also this case), and a TK API token is needed. I believe for these kind of use cases, the 'no expiration' feature is worth it. At the end, it's on the people using those tokens to keep them safe and to rotate them when they consider. On top, TFC allows you to create tokens without expiration, so I believe it makes sense also in TK. |
|
I will try to add this in the following weeks |
|
Next version will allow to set "0" when creating the PAT or team tokens when you specify days, hours or minutes |
Feature description 💡
Currently both team tokens and user tokens don't allow to create tokens without expiration date. Even if the time values are set to 0, the expiration date is set.
I believe the value 0 should mean no expiration, and this should imply the tokens will never expire. On top, the info tooltips should provide info about this.
Anything else?
While team tokens have a default time-values set to 0, the user tokens creation dialog doesn't set 0 as default (blank value).
The text was updated successfully, but these errors were encountered: