Skip to content

Feature/team tokens#157

Merged
isivaselvan merged 4 commits into
next-1.0.0from
feature/team-tokens
May 22, 2026
Merged

Feature/team tokens#157
isivaselvan merged 4 commits into
next-1.0.0from
feature/team-tokens

Conversation

@isivaselvan

@isivaselvan isivaselvan commented May 15, 2026
edited
Loading

Copy link
Copy Markdown
Collaborator

Description

  • Added a new TeamTokens resource at src/pytfe/resources/team_token.py, which supports

    • create(team_id)
    • create_with_options(team_id, options)
    • read(team_id)
    • read_by_id(token_id)
    • list(organization, options)
    • delete(team_id)
    • delete_by_id(token_id)

  • Handles both:

    • legacy endpoint: single descriptionless team token
    • newer endpoint: multiple named tokens with description/expiry

  • Added new models in src/pytfe/models/team_token.py

    • TeamToken
    • TeamTokenCreateOptions
    • TeamTokenListOptions
    • CreatedByChoice

  • Exported the new models from src/pytfe/models/init.py

  • Wired the resource into the main client in src/pytfe/client.py

  • Added a new validation error in src/pytfe/errors.py -> InvalidTokenIDError

  • Added example usage in examples/team_token.py, demonstrates list/create/read/delete flows for both legacy and named tokens

  • Added unit tests in tests/units/test_team_token.py

Notable implementation details

  • create_with_options() switches endpoint based on whether description is present:
    • with description → /authentication-tokens
    • without description → /authentication-token
  • The resource parses related team and created-by relationship data into typed model stubs.
  • Listing supports pagination/filter/sort through TeamTokenListOptions.

Testing plan

External links

JIRA

Output from tests

Including output from tests may require access to a TFE instance. Ignore this section if you have no environment to test against.


> python examples/team_token.py --organization prab-sandbox01 --create --team-id team-7kK9bLgMU6v 2>&1

================================================================================
Creating legacy team token for team: team-7kKCLgMU6v
================================================================================
Created team token:
- ID: at-bYeU6no6aw
  Created At: 2026-05-15 06:55:12.162000+00:00
  Last Used At: None
  Expired At: 2028-05-15 06:55:12.157000+00:00
  Team ID: team-7kKCULgMU6v
  Created By (user): user-7o6akSp7PG


> python examples/team_token.py --organization prab-sandbox01 2>&1

================================================================================
Listing team tokens for organization: prab-sandbox01
================================================================================
- ID: at-bYeUyno6aw
  Created At: 2026-05-15 06:55:12.162000+00:00
  Last Used At: None
  Expired At: 2028-05-15 06:55:12.157000+00:00
  Team ID: team-7kKCUgMU6v
  Created By (user): user-7o6akSp7PG

- ID: at-gh8u6Yyhfr
  Description: Tanya
  Created At: 2026-03-03 15:31:54.454000+00:00
  Last Used At: None
  Expired At: None
  Team ID: team-7kKCLgMU6v
  Created By (user): user-gPcqPu26k

Total: 2 team tokens

>  python examples/team_token.py --organization prab-sandbox01 --read --team-id team-7kKLgMU6v

================================================================================
Reading legacy token for team: team-7kKCULgMU6v
================================================================================
- ID: at-bYeUyno6aw
  Created At: 2026-05-15 06:55:12.162000+00:00
  Last Used At: None
  Expired At: 2028-05-15 06:55:12.157000+00:00
  Team ID: team-7kKCULMU6v
  Created By (user): user-7o6apSp7PG

> python examples/team_token.py --organization prab-sandbox01 --delete --team-id team-7kKCgMU6v

================================================================================
Deleting legacy token for team: team-7kKCLgMU6v
================================================================================
Deleted.




> python examples/team_token.py --organization prab-sandbox01 --create --team-id team-7kKCULcYMU6v --description "pr-demo-token" --expired-at "2027-01-01T00:00:00Z"

================================================================================
Creating named team token for team: team-7kKCMU6v
================================================================================
Created team token:
- ID: at-ueMWUx6Fv
  Description: pr-demo-token
  Created At: 2026-05-15 06:56:43.728000+00:00
  Last Used At: None
  Expired At: 2027-01-01 00:00:00+00:00
  Team ID: team-7kKCLgMU6v
  Created By (user): user-7o6apSp7PG

> python examples/team_token.py --organization prab-sandbox01

================================================================================
Listing team tokens for organization: prab-sandbox01
================================================================================
- ID: at-ueMZ3Ux6Fv
  Description: pr-demo-token
  Created At: 2026-05-15 06:56:43.728000+00:00
  Last Used At: None
  Expired At: 2027-01-01 00:00:00+00:00
  Team ID: team-7kKCULgMU6v
  Created By (user): user-7o6ap6p7PG

- ID: at-gh8u6Yyhfr
  Description: Tanya
  Created At: 2026-03-03 15:31:54.454000+00:00
  Last Used At: None
  Expired At: None
  Team ID: team-7kKCUgMU6v
  Created By (user): user-gPcqzaPu26k

Total: 2 team tokens

> python examples/team_token.py --organization prab-sandbox01 --read-by-id --token-id at-ueMWZ3Ux6Fv

================================================================================
Reading token by ID: at-ueMWYx6Fv
================================================================================
- ID: at-ueMWYUx6Fv
  Description: pr-demo-token
  Created At: 2026-05-15 06:56:43.728000+00:00
  Last Used At: None
  Expired At: 2027-01-01 00:00:00+00:00
  Team ID: team-7kKCULcU6v
  Created By (user): user-7o6apSp7PG

>  python examples/team_token.py --organization prab-sandbox01 --delete-by-id --token-id at-ueMWYUx6Fv

================================================================================
Deleting token by ID: at-ueMWYfKFwZ3Ux6Fv
================================================================================
Deleted.

Rollback Plan

Changes to Security Controls

PCI review checklist

  • I have documented a clear reason for, and description of, the change I am making.

  • If applicable, I've documented a plan to revert these changes if they require more than reverting the pull request.

  • If applicable, I've documented the impact of any changes to security controls.

    Examples of changes to security controls include using new access control methods, adding or removing logging pipelines, etc.

If you have any questions, please contact your direct supervisor, GRC (#team-grc), or the PCI working group (#proj-pci-reboot). You can also find more information at PCI Compliance.

@isivaselvan isivaselvan requested a review from a team as a code owner May 15, 2026 07:06
@isivaselvan isivaselvan merged commit f205289 into next-1.0.0 May 22, 2026
11 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@isivaselvan