Feature #4735
Updated by Tom Clegg over 9 years ago
Currently, Workbench obtains an API token by sending the user through the login process, and offers instructions to use that token for CLI tools, etc.
Instead, it should allow the user to create, name, and delete tokens.
* Tokens created using this interface should have a non-null name attribute. This distinguishes them from auto-generated tokens (e.g., for crunch jobs), which aren't normally interesting enough to list here.
* Name should be editable.
* Expired tokens should not be shown.
* "Trash" should set expires_at to 1 second ago[1], and remove from list.
fn1. This should produce reasonable _looking_ behavior (items don't reappear after being removed) even if Workbench and API server have clock skew. However, if Workbench's clock is ahead of API server's, a token will _look_ expired but not really _be_ expired.
TBD: Should the token that gets installed into @~/.config@ on shell nodes be shown here?