"You have to re-authorize from the user." How?

[svoop]

GitLab is enforcing personal access tokens to expire 1 year max after creation – and since this change of policy has been rolled out a year ago, the tokens expire now. I've revoked it a lil before that and Fork now shows as expected:

Maybe a stupid question: I don't see where and how to re-authorize in Fork. I was expecting a prompt to enter the new access token, but there is none.

Please note that access to the repo happens via SSH, so the token expiration doesn't affect this. Maybe if access to the repo were over HTTPS, there would be a prompt for the new access token. But in my (and possibly other's) case, the token is only used for the GitLab API, so unless I'm blind here, there might be a button missing on the above screen to actually trigger the re-authorization dialog.

[DanPristupov]

You can only log out and log in. Yes, we need to improve this 👍

[svoop]

You can only log out and log in.

So on the accounts dialog, I remove the entry with the revoked/expired token and add a new one?

Yes, we need to improve this

It's possible to rotate the access token via the GitLab API, however, there's a caveat: Such rotated tokens are only valid for 1 week:

https://docs.gitlab.com/ee/api/personal_access_tokens.html#rotate-a-personal-access-token

This is great as along as you use the token regularly, but in my case (repo access via SSH) or say if you go on vacation, the week passes quickly and you end up with an expired token again. So for starters, it appears to be the better approach to add a re-authenticate button somewhere.

[DanPristupov]

So on the accounts dialog, I remove the entry with the revoked/expired token and add a new one?

Yes

It's possible to rotate the access token via the GitLab API, however, there's a caveat: Such rotated tokens are only valid for 1 week:

It's been working this way on BitBucket, so hopefully we'll manage to implement this flow for GitLab too.