idp.global/app
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add stories

Browse Source
This commit is contained in:
Jürgen Kunz
2025-11-30 15:01:28 +00:00
parent c8b8013200
commit 014fb3080a
35 changed files with 6282 additions and 3590 deletions
Download Patch File Download Diff File Expand all files Collapse all files
stories/developer/DEV-001-api-token-management.md
+28
View File
@@ -0,0 +1,28 @@
# Create and Manage API Tokens
**ID:** DEV-001
**Priority:** High
**Status:** Planned
## User Story
As a developer, I want to create and manage API tokens so that I can integrate my applications with the identity provider programmatically.
## Acceptance Criteria
- [ ] Developer can create new API tokens with custom names
- [ ] Token is shown once at creation (cannot be retrieved later)
- [ ] Developer can set token expiration (or no expiration)
- [ ] Developer can set token scopes/permissions
- [ ] List all tokens with creation date and last used
- [ ] Revoke individual tokens
- [ ] Revoke all tokens at once
- [ ] Rate limiting information shown per token
## Technical Notes
- ApiTokenManager exists with basic infrastructure
- `loginWithApiToken` endpoint available
- Need UI for token management (currently backend only)
- Tokens should be hashed before storage (show once)
- Consider token prefixes for easy identification (idp_...)
## Related TODOs
- Partial implementation in ApiTokenManager