Details
-
Type:
Task
-
Status: Done
-
Priority:
(None)
-
Resolution: Fixed
-
Affects Version/s: None
-
Fix Version/s: Personal access token management
-
Sprint:MEN Sprint 164, MEN Sprint 165
-
Story Points:8
-
Remaining Story Points:2
-
Epic Link:
-
Backlog:yes
-
Days in progress:12
Description
Allow user to generate long-lived JWT (Personal Access Tokens).
Acceptance criteria:
1. The API keys (JWT tokens) have the same permission set as the users they belong to
2. PAT can be used in the same way as our current JWT token obtained from the login endpoint: `curl --header "Authorization: Bearer <your_access_token>" https://hosted.mender.io/api/...`
3. If the user generating the token is restricted by RBAC, the RBAC permissions apply to the token as well
4. Code is covered by unit tests
5. Acceptance tests implemented