Audit and revoke service token access
automation & ci
// what it does
show-access lists exactly what a token can touch, list inventories all tokens, delete-access removes a specific grant, and delete kills the token entirely. Together they're your periodic "what can our robots do?" audit.
// shell
$ pscale service-token list$ pscale service-token show-access <token-id>$ pscale service-token delete-access <token-id> delete_branch --database mydb$ pscale service-token delete <token-id>// gotcha
Deleting a token breaks every pipeline using it immediately — rotate by creating the replacement token first, exactly like password rotation.