We currently allow read access to api access tokens via GraphQL from a logged in user session on the buildkite dashboard only. We could expand this to include api endpoints accessed via basic auth, and add create/revoke mutations for session auth and basic auth only.
Some teams with machine users would like to be able to programatically rotate credentials periodically.
GitHub enables this by allowing the creation of new personal access tokens when using their REST API with basic auth credentials:
https://developer.github.com/v3/oauth_authorizations/#create-a-new-authorization
We currently allow read access to api access tokens via GraphQL from a logged in user session on the buildkite dashboard only. We could expand this to include api endpoints accessed via basic auth, and add create/revoke mutations for session auth and basic auth only.