In Crowd, there is no way to create a Personal Access Token as in Jira and Confluence. The users have to send their usernames and passwords as a Basic Authentication header.
Generating a PAT and sending it as a Bearer token to use in scripts and integrating external applications with Crowd.
- Using Basic Authentication doesn't provide flexibility like PAT; revoking, generating a new one without changing the user password.
- In scripts, it's not safe to put plain or base64 encoded passwords.
- When a user changes the passwords, all the scripts need to be changed there is a high coupling between user password and automation scripts.