Commit 9759ad78 authored by Achilleas Pipinellis's avatar Achilleas Pipinellis

Merge branch...

Merge branch '214811-add-revoke-buttons-to-the-pat-tab-of-the-credential-inventory-doc-update' into 'master'

Docs: Add Revoke buttons to the PAT tab of the credential inventory

See merge request gitlab-org/gitlab!41090
parents 9a87d148 267cedc1
......@@ -13,7 +13,7 @@ type: howto
GitLab administrators are responsible for the overall security of their instance. To assist, GitLab provides a Credentials inventory to keep track of all the credentials that can be used to access their self-managed instance.
Using Credentials inventory, GitLab administrators can see all the personal access tokens and SSH keys that exist in their instance and:
Using Credentials inventory, you can see all the personal access tokens (PAT) and SSH keys that exist in your GitLab instance. In addition, you can [revoke them](#revoke-a-users-personal-access-token) and see:
- Who they belong to.
- Their access scope.
......@@ -25,4 +25,19 @@ To access the Credentials inventory, navigate to **Admin Area > Credentials**.
The following is an example of the Credentials inventory page:
![Credentials inventory page](img/credentials_inventory_v13_2.png)
![Credentials inventory page](img/credentials_inventory_v13_4.png)
## Revoke a user's personal access token
[Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/214811) in GitLab 13.4.
If you see a **Revoke** button, you can revoke that user's PAT. Whether you see a **Revoke** button depends on the token state, and if an expiration date has been set. For more information, see the following table:
| Token state | [Token expiry enforced?](settings/account_and_limit_settings.md#optional-enforcement-of-personal-access-token-expiry) | Show Revoke button? | Comments |
|-------------|------------------------|--------------------|----------------------------------------------------------------------------|
| Active | Yes | Yes | Allows administrators to revoke the PAT, such as for a compromised account |
| Active | No | Yes | Allows administrators to revoke the PAT, such as for a compromised account |
| Expired | Yes | No | PAT expires automatically |
| Expired | No | Yes | The administrator may revoke the PAT to prevent indefinite use |
| Revoked | Yes | No | Not applicable; token is already revoked |
| Revoked | No | No | Not applicable; token is already revoked |
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment