Is there any way to update/refresh the authorization token generated by drone for use in CLI or APIs?
No need to refresh. Drone provides user tokens for use with the CLI and API. See http://docs.drone.io/cli-authentication/
I want to force refresh the token because it might have been compromised
You can invoke the following endpoint to reset your user token
Example curl command:
curl -X DELETE -H "Authorization: Bearer eybfaGaiOiaIUzI2DiIsI...." \ https://drone.company.com/api/user/token
It does not work, the token remains the same.
drone version: 1.1.0
the previous answer applied to drone 0.8 and below. the endpoint changed in 1.0 to the following:
curl -X POST -i https://drone.company.com/api/user/token?rotate=true