Create PAT only with session token in pyBIS

Dear all,

using pyBIS v 1.35.1, I noticed that when I want to create a new personal access token, I can only do so with a session token but not with an existing PAT?
( I can get a list of existing PATs with a valid PAT but cannot create a new one unless I use a session token)

all the best

That behaviour is the expected behaviour. You can only create PAT from a session token.

PAT are supposed to be shared around on different machines where batch Jobs are installed.

If one of these machines is compromised you want to be able to delete PATs and avoid the creation of new ones. So you are not compromised for further time than the PAT lasts.

Those PATs would be updated using the session token of the admin from a script only the admin can run.

I hope this makes sense.

1 Like

Dear Juan,

many thanks - this makes total sense, thank you for pointing this out.

All the best