API tokens are revoked automatically when used in public spaces
Platform Notice: Cloud - This article applies to Atlassian products on the cloud platform.
Summary
When you create an API token from https://id.atlassian.com/manage-profile/security/api-tokens and use/mention it in a code repository, the API token is revoked after a short while from your profile.
Environment
Jira Cloud
Cause
The repository where the API token is mentioned is a public repository. Atlassian periodically scans public repositories to identify any tokens from Atlassian accounts and revokes them as a security measure. Tokens directly mentioned in public repositories can be accessed by external users and can be abused, thereby, causing harm to your site data and its performance.
Solution
- Check your email confirming that it was Atlassian that removed your token. You should see a similar email in your inbox
2. Make your code repository is private or use the API token in a file that is not accessible publicly.