Skip to content

feat(tokens): permanently delete agent tokens to free the name for reuse (#820)#821

Merged
Dumbris merged 1 commit into
mainfrom
feat/delete-agent-tokens
Jul 9, 2026
Merged

feat(tokens): permanently delete agent tokens to free the name for reuse (#820)#821
Dumbris merged 1 commit into
mainfrom
feat/delete-agent-tokens

Conversation

@Dumbris

@Dumbris Dumbris commented Jul 8, 2026

Copy link
Copy Markdown
Member

Summary

Closes #820.

Revoking an agent token is a soft delete — the record is kept so the token name stays reserved, which blocks creating a new token with the same name. This adds a permanent delete that removes the token record and its name → hash mapping, freeing the name for reuse.

Changes

Layer Change
Storage DeleteAgentToken(name) removes both the agent_tokens record and the agent_token_names mapping in one BBolt tx (revoke leaves both intact).
REST DELETE /api/v1/tokens/{name}/permanent — distinct from the existing revoke DELETE /api/v1/tokens/{name}. Admin-only, 204 on success, 404 if not found.
Server edition Parallel DELETE /api/v1/user/tokens/{name}/permanent, scoped to the authenticated user.
CLI mcpproxy token delete <name> (aliases rm, remove).
Web UI A Delete button on revoked/expired tokens (active tokens must be revoked first), with a confirm dialog.
Docs / contract docs/features/agent-tokens.md + specs/028-agent-tokens/contracts/agent-tokens-api.yaml.

Design notes

  • Separate route (/permanent) rather than overloading the revoke DELETE or a query param — keeps revoke (soft) and delete (hard) unambiguous and independently testable.
  • API/CLI allow deleting any token; only the Web UI gates Delete to revoked/expired tokens. Delete is a legitimate admin action (like rm); requiring revoke-first would add friction for automation, while the UI keeps the interactive path safe.
  • Revoke semantics are unchanged (still soft) so ValidateAgentToken keeps rejecting revoked tokens with "token has been revoked".

Testing

  • Unit: storage delete + delete-not-found + name-reuse-after-delete (the crux); API delete/404/name-reuse; CLI subcommand wiring. All packages green with -race; server edition green.
  • Lint: golangci-lint v2 (CI config) clean; frontend type-check clean.
  • Live E2E: verified the full loop on a running binary via REST (create → revoke → recreate 409 → permanent delete → recreate 201) and end-to-end through the Web UI (Delete button removes a revoked token, then the freed name is reused successfully).

…use (#820)

Revoking an agent token is a soft delete: the record is kept so the token
name stays reserved, which blocks creating a new token with the same name
(issue #820). This adds a permanent delete that removes the token record and
its name->hash mapping, freeing the name for reuse.

- storage: DeleteAgentToken(name) removes both the agent_tokens record and the
  agent_token_names mapping in one tx.
- REST: DELETE /api/v1/tokens/{name}/permanent (distinct from the existing
  revoke DELETE /api/v1/tokens/{name}). Admin-only, 204/404.
- server edition: parallel DELETE /api/v1/user/tokens/{name}/permanent, scoped
  to the authenticated user.
- CLI: `mcpproxy token delete <name>` (aliases: rm, remove).
- Web UI: a Delete button on revoked/expired tokens (active tokens must be
  revoked first) with a confirm dialog.
- docs + agent-tokens API contract updated.

Tests: storage/API delete + name-reuse-after-delete, CLI subcommand wiring.
@cloudflare-workers-and-pages

Copy link
Copy Markdown

Deploying mcpproxy-docs with  Cloudflare Pages  Cloudflare Pages

Latest commit: 0e67bb4
Status: ✅  Deploy successful!
Preview URL: https://453d3a6f.mcpproxy-docs.pages.dev
Branch Preview URL: https://feat-delete-agent-tokens.mcpproxy-docs.pages.dev

View logs

@codecov-commenter

Copy link
Copy Markdown

⚠️ Please install the 'codecov app svg image' to ensure uploads and comments are reliably processed by Codecov.

Codecov Report

❌ Patch coverage is 45.71429% with 38 lines in your changes missing coverage. Please review.

Files with missing lines Patch % Lines
cmd/mcpproxy/token_cmd.go 39.39% 20 Missing ⚠️
internal/httpapi/tokens.go 41.17% 7 Missing and 3 partials ⚠️
internal/storage/agent_tokens.go 57.89% 4 Missing and 4 partials ⚠️

📢 Thoughts on this report? Let us know!

@github-actions

github-actions Bot commented Jul 8, 2026

Copy link
Copy Markdown

📦 Build Artifacts

Workflow Run: View Run
Branch: feat/delete-agent-tokens

Available Artifacts

  • archive-darwin-amd64 (28 MB)
  • archive-darwin-arm64 (25 MB)
  • archive-linux-amd64 (16 MB)
  • archive-linux-arm64 (15 MB)
  • archive-windows-amd64 (28 MB)
  • archive-windows-arm64 (25 MB)
  • frontend-dist-pr (0 MB)
  • installer-dmg-darwin-amd64 (22 MB)
  • installer-dmg-darwin-arm64 (19 MB)

How to Download

Option 1: GitHub Web UI (easiest)

  1. Go to the workflow run page linked above
  2. Scroll to the bottom "Artifacts" section
  3. Click on the artifact you want to download

Option 2: GitHub CLI

gh run download 28966820968 --repo smart-mcp-proxy/mcpproxy-go

Note: Artifacts expire in 14 days.

@Dumbris Dumbris merged commit b26b685 into main Jul 9, 2026
40 checks passed
@Dumbris Dumbris deleted the feat/delete-agent-tokens branch July 9, 2026 05:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[Feature]: Completely Delete Agent Tokens

2 participants