si icon indicating copy to clipboard operation
si copied to clipboard
verified publisher icon systeminit

feat(auth-api): Revoke tokens from a deleted workspace

Open stack72 opened this issue 1 month ago β€’ 1 comments

Due to a recent change to allow a workspace token to create and manage the workspace lifecycle, we need to revoke the tokens for a workspace when the workspace has been deleted

This means the usage of that token cannot be made at all! We don’t want tokens to be in circulation that allow a user to create or update workspaces if they are not actually able to be revoked or expired

This work also includes a migration to allow us to revoke existing tokens that would have fallen through the cracks here

Also introduces a reason into the revokeToken posthog event so that we can tell a user the token has been revoked based on X action

Screenshot 2025-11-30 at 22 00 29

stack72 avatar Nov 30 '25 22:11 stack72

Dependency Review

βœ… No vulnerabilities or OpenSSF Scorecard issues found.

Scanned Files

None

github-actions[bot] avatar Nov 30 '25 22:11 github-actions[bot]

/try

stack72 avatar Dec 02 '25 22:12 stack72

Okay, starting a try! I'll update this comment once it's running... πŸš€ Try running here! πŸš€

github-actions[bot] avatar Dec 02 '25 22:12 github-actions[bot]

/try

stack72 avatar Dec 02 '25 22:12 stack72

Okay, starting a try! I'll update this comment once it's running... πŸš€ Try running here! πŸš€

github-actions[bot] avatar Dec 02 '25 22:12 github-actions[bot]

/try

stack72 avatar Dec 03 '25 16:12 stack72

Okay, starting a try! I'll update this comment once it's running... πŸš€ Try running here! πŸš€

github-actions[bot] avatar Dec 03 '25 16:12 github-actions[bot]