DI‐Portal‐US‐001: Manage Personal Access Tokens

Design Item ID: DI-Portal-GF-001
Design Item Name: Manage Personal Access Tokens
Related Design Items: -
Related API:

• Create a personal access token (POST /api/v1/personalAccessToken)
• Personal access token list retrieve (GET /api/v1/personalAccessToken)
• Delete personal access token (DELETE /api/v1/personalAccessToken/{id})

Revision History:

Date	Description
21.02.2025	First revision of design item for https://github.com/Netcracker/qubership-apihub/issues/31, https://github.com/Netcracker/qubership-apihub/issues/13

---

Description

The functionality provides a user with the ability to generate, view and delete personal access tokens.
Personal access tokens are an alternative to using API key or Bearer token for authentication to APIHUB when using APIHUB API. Personal access tokens are intended to access APIHUB resources on behalf of yourself.

Start Point

1. User navigates to APIHUB Portal → My Profile page

Execution

To see the list of existing personal access tokens:

1. User opens Personal Access Tokens page.
2. The system shows the table with existing tokens.
   • The system shows the following information:
     • Name - short name of the token.
     • Expiration Date - date after which token is no longer in active.
     • Status - current status of the token: active - if current date is less than expiration date, expired if current date is equal to or greater than expiration date. Expired token cannot be used to authenticate to APIHUB.
   • API to show list of tokens - GET /api/v1/personalAccessToken

To create new personal access token:

1. User opens Personal Access Tokens page.
2. The system checks that user has no more than 100 tokens. If there are more than 100 tokens, then the system disables the button and shows the following tooltip on hover: "You can have up to 100 tokens. Please delete some tokens before creating a new one."
   • The limitation to 100 token is applicable to both active and expired tokens (but not deleted tokens).
3. Use fills the following fields:
   • Name - name for the token. Field is required and value must be unique within current user tokens.
     • If user clicks Generate button without value in the field, the system shows an error message "The field must be filled".
     • If user clicks Generate button the value is not unique, the system shows an error message "API key with name already exists".
   • Expiration - expiration of the token. Field is required. The following values are available:
     • 7 days
     • 30 days
     • 60 days
     • 90 days
     • 180 days - the value is preselected by default in the field.
     • 365 days
     • No expiration date.
4. User correctly filled all fields and clicks Generate button.
5. The system generates the token, shows the token value and shows the token in the table with the existing tokens.
   • API to generate the token - POST /api/v1/personalAccessToken:
     • name - <user input from Name field>
     • daysUntilExpiry - <user input from Expiration field>
6. User clicks Copy button.
7. The system copies the value to clipboard and shows message "Personal access token copied".
8. User reloads the page.
9. The system no longer shows previously generated token.

To delete existing token:

1. User opens Personal Access Tokens page.
2. User hovers over the row with token that needs to be deleted.
3. The system shoes Delete button with "Delete" tooltip on hover.
4. User clicks Delete button.
5. The system shows confirmation message "Delete token ? Once a token is deleted, it can no longer be used to authenticate to APIHUB.".
6. User clicks Delete.
7. The system deletes the token. The deleted token can no no longer be used to authenticate to APIHUB.
   • API to delete token - DELETE /api/v1/personalAccessToken/{id}:
     • id - Id of the token that shall be deleted.

Screen View

tbd