msarzijr opened a new issue, #5643: URL: https://github.com/apache/incubator-devlake/issues/5643
## What and why to refactor What are you trying to refactor? Why should it be refactored now? On the Connections Admin form, we can add tokens to access the tools, but those Tokens are returning in the API openly with no necessity and compromising the security of it. The reason is in the companies where DevLake will be used, not all DevLake Admin are able to have full read-only access to those tools, but as we return it from the API side, it is available for them. ## Describe the solution you'd like How to refactor? Not returning the tokens or passwords on APIs, it should be treated as one way only, as soon it is saved on the DB just going to be updated if required by the interface. ## Related issues Please link any other ## Additional context Add any other context or screenshots about the feature request here. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
