feat: API token management in workspace settings#10624
Open
dnplkndll wants to merge 3 commits intohcengineering:developfrom
Open
feat: API token management in workspace settings#10624dnplkndll wants to merge 3 commits intohcengineering:developfrom
dnplkndll wants to merge 3 commits intohcengineering:developfrom
Conversation
|
Connected to Huly®: UBERF-15850 |
5 tasks
dnplkndll
force-pushed
the
feat/api-token-management
branch
from
2ad2263 to
c84d786
Compare
Add full API token CRUD (create, list, revoke) as a new workspace settings page. Tokens are workspace-scoped JWTs with configurable expiry (7-365 days), stored in a new `api_tokens` DB table. Backend: - New `ApiToken` type and `apiToken` DB collection (Postgres + Mongo) - V25 migration creates `api_tokens` table with FK constraints - `createApiToken`, `listApiTokens`, `revokeApiToken` RPC methods - AccountClient methods for all three operations Frontend: - `ApiTokens.svelte` — settings page with token list and status badges - `ApiTokenCreatePopup.svelte` — modal for creating tokens with workspace selection, name, and expiry configuration - One-time token reveal after creation with copy-to-clipboard - Registered as WorkspaceSettingCategory (Owner role required) Ref: hcengineering#10622 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> Signed-off-by: Don Kendall <kendall@donkendall.com>
Documents existing transactor endpoints (find-all, tx, load-model), account service JSON-RPC, and the new API token management endpoints. Includes operationIds for codegen and bearerAuth/serverSecret security schemes. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> Signed-off-by: Don Kendall <kendall@donkendall.com>
Add a collapsible documentation section below the token list that shows available REST API endpoints, base URL, and a curl example. Helps users understand how to use their tokens for automation and integrations. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> Signed-off-by: Don Kendall <kendall@donkendall.com>
dnplkndll
force-pushed
the
feat/api-token-management
branch
from
c84d786 to
efdbe1b
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
api_tokenstablecreateApiToken,listApiTokens,revokeApiTokenaccount service RPC methodsChanges
Backend (
server/account/):ApiTokentype +apiTokenDB collection (Postgres V25 migration + Mongo)AccountMethodsandgetMethods()AccountClientinterface + implementation extendedFrontend (
plugins/setting-resources/):ApiTokens.svelte— workspace settings page (Owner role)ApiTokenCreatePopup.svelte— creation modal with workspace/expiry selectionWorkspaceSettingCategoryin the modelTest plan
/api/v1/find-all/{workspace})api_tokenstable on fresh and existing databasesRef: #10622
🤖 Generated with Claude Code