You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
when an api token is deleted, and then created again with the same name, we are able to use the old token (which was deleted) to access devtron
👟 Reproduction steps
Create a api token with name superadmin ->copy the token -> if someone creates token with same name again we are able to use hit api with old superadmin token value
👍 Expected behavior
old (deleted) token should give "invalid user"
👎 Actual Behavior
successfully authenticates via deleted token
☸ Kubernetes version
.
Cloud provider
.
🌍 Browser
Chrome
🧱 Your Environment
No response
✅ Proposed Solution
No response
👀 Have you spent some time to check if this issue has been raised before?
📜 Description
when an api token is deleted, and then created again with the same name, we are able to use the old token (which was deleted) to access devtron
👟 Reproduction steps
Create a api token with name superadmin ->copy the token -> if someone creates token with same name again we are able to use hit api with old superadmin token value
👍 Expected behavior
old (deleted) token should give "invalid user"
👎 Actual Behavior
successfully authenticates via deleted token
☸ Kubernetes version
.
Cloud provider
🌍 Browser
Chrome
🧱 Your Environment
No response
✅ Proposed Solution
No response
👀 Have you spent some time to check if this issue has been raised before?
🏢 Have you read the Code of Conduct?
AB#9416
The text was updated successfully, but these errors were encountered: