SonarQube 5.3 added the concept of user token to replace login/password when:
- running an analysis
- invoking web services
- connecting SonarLint to SonarQube
But for the moment, only SQ administrators can generate and delete user tokens. To cover the use case #3, this means that the SQ admin would have to generate a token for each user, send it to the user, manage it, ... etc. This is not handful nor scalable.
So users should be able to perform the same operations as a SQ admin, but obviously only for their own account:
- See all the existing tokens for that user
- Generate a new token
- Revoke a token
This feature should be available on the "My Profile" page.