Skip to content

feat: scoped API tokens#2243

Merged
migmartri merged 25 commits into
chainloop-dev:mainfrom
migmartri:2241-api-tokens
Jul 11, 2025
Merged

feat: scoped API tokens#2243
migmartri merged 25 commits into
chainloop-dev:mainfrom
migmartri:2241-api-tokens

Conversation

@migmartri

@migmartri migmartri commented Jul 10, 2025

Copy link
Copy Markdown
Member

Makes API token scoping consistent with other resourtes like contracts this means

Creation

  • members can create scoped tokens and are forced to provide a project reference
  • admins can create either, both global or scoped

Listing

  • members now see the tokens associated with any of their projects
  • admins can see both global and scoped
  • additional filters have been added such as filtering by specific project, show only globals, etc

Revocation

  • proper RBAC has been put in place as well

Some important notes

  • in order to prevent collisions, we now require passing the token id during revocation, this simplifies the UX in general so we can allow users to create tokens of any name
  • the previous project/apitokens service has been removed and replaced by this one.

closes #2241

migmartri added 19 commits July 10, 2025 12:31
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
@migmartri migmartri requested review from javirln and jiparis July 10, 2025 16:42
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
Signed-off-by: Miguel Martinez <miguel@chainloop.dev>
@migmartri migmartri merged commit 7655696 into chainloop-dev:main Jul 11, 2025
13 checks passed
@migmartri migmartri deleted the 2241-api-tokens branch July 11, 2025 10:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

improve scoped api tokens

2 participants