search

getsentry / sentry

Developer-first error tracking and performance monitoring
https://sentry.io
Other
39.19k stars 4.2k forks source link

API Application's Client Secret stays visible #76660

Open ArthurKnaus opened 2 months ago

ArthurKnaus commented 2 months ago

Environment

SaaS (https://sentry.io/)

Steps to Reproduce

  1. Go to User Settings > API > Applications
  2. Create a new application
  3. Help text for client secret says Your secret is only available briefly

Expected Result

Client secret should not be visible after page reload or after a few minutes. There should be an option to rotate the secret (it is implemented in the FE code).

Actual Result

Client secret stays visible. It is not possible to rotate the secret.

Product Area

Settings

Link

No response

DSN

No response

Version

No response

scefali commented 2 months ago

Better to just disable the creation of API applications, not sure why they still are there.

getsantry[bot] commented 2 months ago

Routing to @getsentry/product-owners-apis for triage ⏲️

sentaur-athena commented 2 months ago

Will add this to the backlog.