Improved CLI authentication & token management

We’ve improved our CLI authentication by introducing two important new security features: The CLI authentication process is now followed by a new approval webpage, designed to provide better user visibility and to protect against CSRF attacks. Read about authentication in our docs and check out the gif below - demonstrating the process.

AuthenticateCLI.gif

We’ve also added the ability to revoke and regenerate your personal API token from Account Settings. To learn more about this feature, check out this article.

We would like to credit and thank Jonathan Leitschuh and Eran Lipkin for independently reporting the CSRF issue to us via our Bug Bounty program.