Merge branch 'mjang-restore-pat-feature-flag-doc' into 'master'

Update feature flag section of PrAT docs -- cherry pick

See merge request gitlab-org/gitlab!48786

doc/user/project/settings/project_access_tokens.md

@@ -16,6 +16,9 @@ Project access tokens are supported for self-managed instances on Core and above
 > - [Became available on GitLab.com](https://gitlab.com/gitlab-org/gitlab/-/issues/235765) in 13.5.
 > - It's recommended for production use.
 
+CAUTION: **Warning:**
+This feature might not be available to you. Check the **version history** note above for details.
+
 Project access tokens are scoped to a project and can be used to authenticate with the [GitLab API](../../../api/README.md#personalproject-access-tokens). You can also use project access tokens with Git to authenticate over HTTP.
 
 Project access tokens expire on the date you define, at midnight UTC.
@@ -75,3 +78,33 @@ the following table.
 | `write_registry`   | Allows write-access (push) to [container registry](../../packages/container_registry/index.md). |
 | `read_repository`  | Allows read-only access (pull) to the repository. |
 | `write_repository` | Allows read-write access (pull, push) to the repository. |
+
+### Enable or disable project access tokens
+
+Project access tokens are deployed behind a feature flag that is **enabled by default**.
+[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md)
+can disable it for your instance, globally or by project.
+
+To disable it globally:
+
+```ruby
+Feature.disable(:resource_access_token)
+```
+
+To disable it for a specific project:
+
+```ruby
+Feature.disable(:resource_access_token, project)
+```
+
+To enable it globally:
+
+```ruby
+Feature.enable(:resource_access_token)
+```
+
+To enable it for a specific project:
+
+```ruby
+Feature.enable(:resource_access_token, project)
+```