Ability to update user authorization token

panda-moe · November 1, 2017, 8:52am

Is there any way to update/refresh the authorization token generated by drone for use in CLI or APIs?

bradrydzewski · November 1, 2017, 7:11pm

No need to refresh. Drone provides user tokens for use with the CLI and API. See http://docs.drone.io/cli-authentication/

panda-moe · November 2, 2017, 5:03am

I want to force refresh the token because it might have been compromised

bradrydzewski · November 2, 2017, 6:16am

You can invoke the following endpoint to reset your user token

DELETE /api/user/token

Example curl command:

curl -X DELETE -H "Authorization: Bearer eybfaGaiOiaIUzI2DiIsI...." \
 https://drone.company.com/api/user/token

zlbabe · May 2, 2019, 9:25pm

It does not work, the token remains the same.

drone version: 1.1.0
environment: k8s

bradrydzewski · May 2, 2019, 9:35pm

the previous answer applied to drone 0.8 and below. the endpoint changed in 1.0 to the following:

curl -X POST -i https://drone.company.com/api/user/token?rotate=true

zlbabe · May 3, 2019, 11:59am

It works
Thanks