It would be useful to be able to generate API token's promgramatically for use in things like mobile apps. Given TD's row based security model, tokens that impersonate a user can frustrate the developer experience in these scenarios as we have to manually create tokens for users OR do some sort of hack to use a single token and attribute changes to the actual user (and in the process actually break the permissions originally intended). We have also used basic auth with cookie storage, but it feels fragile and doesn't offer the same long-lived benefit of a token.
Looking at the UI, we almost have enough to do it programmatically using a call to the existing UI, but we don't have access to the global "User ID" that would allow this to work properly.
I'd like to see either, but preferably number 1:
1. A new REST endpoint to issue/revoke tokens that accepts a [User] as an argument. 2. or provide the user id to us in the users table, and we can roll our own using existing UI post calls
