Patch personal access token

PATCH 
/personal-access-tokens/:id

This performs a targeted update to the field(s) of a Personal Access Token. Changing scopes for a Personal Access Token does not impact existing bearer tokens. You will need to create a new bearer token to have the new scopes. Please note that it can take up to 20 minutes for scope changes to be seen on new bearer tokens. expirationDate and userAwareTokenNeverExpires Relationship: Important: When expirationDate is null or empty (replaced to null or omitted from the patch request), the token will never expire. Required Validation: If expirationDate is being replaced to null or is empty, userAwareTokenNeverExpires must be set to true in the patch request. This is a required validation rule. When patching expirationDate and userAwareTokenNeverExpires, the valid values for expirationDate depend on the value provided for userAwareTokenNeverExpires:

• When userAwareTokenNeverExpires is being set to true (or required to be true): expirationDate can be replaced to null or omitted from the patch request. When expirationDate is null or empty, the token will never expire. This sets the PAT to never expire and serves as an explicit acknowledgment that the user is aware of the security implications of creating a non-expiring token. * When userAwareTokenNeverExpires is false or omitted: expirationDate must be provided and must be a valid date-time string representing a future date (there is no upper limit). expirationDate cannot be null in this case. In this scenario, userAwareTokenNeverExpires can be omitted. Validation Rules: * If expirationDate is being replaced to null: userAwareTokenNeverExpires must also be present in the patch request with a value of true (required). The token will never expire. * If expirationDate is not being replaced to null (i.e., set to a future date): userAwareTokenNeverExpires can be omitted. Security Considerations: The userAwareTokenNeverExpires field is designed to ensure that users explicitly acknowledge the security implications of creating tokens that never expire. Setting this field to true indicates that the user understands the increased security risks and has made an informed decision to proceed. Note: The userAwareTokenNeverExpires field indicates that the user acknowledges they are creating a token that will never expire. It does not affect token behavior beyond indicating this acknowledgment.

Request

Responses

200

Indicates the PATCH operation succeeded, and returns the PAT's new representation.

400

Client Error - Returned if the request body is invalid.

401

Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.

403

Forbidden - Returned if the user you are running as, doesn't have access to this end-point.

404

Not Found - returned if the request URL refers to a resource or object that does not exist

429

Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.

500

Internal Server Error - Returned if there is an unexpected error.