The current tokens that are created with the rad web flow are great for supporting human users logging in to the API.

They do not support very well the case where we want to integrate a 3rd party system with the Radicle API (httpd), as is the case with integrations to CI/CD systems (e.g. Woodpecker CI, Kraken CI, hosted CI services, etc.). Such systems would need to invoke some HTTP API endpoints, in order to provide updates about the build status back to the Patches, etc.

It seems like there is already a way to acquire a session token (which is what radicle-interface uses to authenticate with the HTTP API), but that expires only after a week

For this type of machine-to-machine integration between different systems, we would probably need something in the range of months/years.

It seems like the easiest approach would be to add a parameter to define the expiry duration, however it is perhaps more useful to introduce a new token type for this type of thing. In other forges “personal access tokens” are the corresponding entity, so it would be great if we could have something like that in radicle as well. rad auth could offer one way to create these tokens.

Context: Relevant discussion in zulip