Bug #16159
Updated by Peter Amstutz almost 4 years ago
Logging out of workbench should invalidate the current token. (Currently, it just causes the browser to forget it.) This means: # workbench (1|2) logout includes API token to be revoked # if a token is supplied, the logout route in controller expires the token Workbench 2 Need to address the case where the browser "Get API token" creates new Token" feature needs to create a token (done) Workbench 1 should tell the in a federated scenario, so that user can get a token that won't be expired when logging out in the token will expire when they log out, and provide a link to Workbench 2 dialog that creates a new API token. browser.