This topic describes the security guidelines of personal access tokens.
Treat authentication credentials the same way as passwords or other sensitive credentials:
To ensure the security of tokens used to access APIs, Alibaba Cloud DevOps only returns and displays the token at the time of its initial creation. In subsequent token retrieval requests, users cannot obtain the original token again. Alibaba Cloud DevOps also encrypts the tokens you create for secure storage.When applying for and using tokens, follow security principles such as minimum authorization, secure storage, and cautious usage to reduce potential security risks.
Token authorization
- When creating a token, select the API permission points that the token can access and its validity period. Follow the principle of least privilege when selecting permission points, and set the validity period within the required range. Do not use permanent validity.
- A token has the same access to resources and the ability to perform operations on those resources as the token applicant, and it is further limited by the API permission scope granted to the token. Tokens cannot grant users additional access permissions.
Secure storage
Treat authentication credentials the same way as passwords or other sensitive credentials:
- Do not share tokens over unencrypted messages, email, IM, or similar systems.
- Do not pass tokens as plain text on the command line.
- Do not push unencrypted tokens to public code repositories or other uncontrolled systems.
Cautious usage
- Do not hard-code tokens into source code and push them to public repositories. You can store tokens in environment variables and, when calling APIs, read the environment variable to insert the token into the request body. This prevents token leakage — and the resulting data leakage risk — caused by unauthorized code access.
- Cultivate good habits: do not use permanent tokens, and rotate tokens regularly or irregularly.
- If a token is leaked, delete it immediately.