Long-lived access tokens card should be admin only, and Advanced #11171
Replies: 5 comments
-
The problem is that regular users do not have the option to toggle on advanced mode. So that means that they are never allowed to create long-lived access tokens.
-
Well I think it's safe to say that in the vast majority of cases, the regular user account type is going to be assigned to less tech-savvy family members such as parents, wife, kids and teens, etc. Users that you want to give access to your Home Assistant instance but in a more limited fashion so they a) can't screw things up and b) have an easier time navigating around. I assume these types of users wouldn't ever be creating long-lived access tokens anyway. Partly because they don't know how, but mostly because these regular user accounts aren't allowed to add or manage any integrations in the first place -- since both the Configuration and Hass.io panels are off limits to them already. So what would they even need to create long-lived tokens for? Even the description on the card links to the developer website rather than the regular website, which imo kind of serves as evidence that this functionality leans more towards advanced / power-users. So I think for all these reasons it would make sense to have it be admin-only and advanced. That was my line of thinking on this. But again, I could be missing some use case here. I honestly don't know.
-
One use case I can think of is that you might want to have AppDaemon run with a less-privileged user.
-
I'm like 90% with you, but there are some legit use cases that we should find a way to handle.
-
There hasn't been any activity on this issue recently. Due to the high number of incoming GitHub notifications, we have to clean some of the old issues, as many of them have already been resolved with the latest updates.
-
Home Assistant release with the issue:
0.96.X
UI (States or Lovelace UI?):
Lovelace
Description of problem:
I made a test user account in order to update some docs later and noticed the "Long-Lived Access Tokens" card was still available on the profile page for regular users.
IMO this type of functionality (allowing access to your HA instance for third party services) seems like something that should be admin-only and gated off to regular user accounts, unless I am missing a certain use case?
Additionally, this should probably fall under the "Advanced mode" umbrella too.