Merge branch 'doc-fix-ssh-pat-expiration-settings' into 'master'

Tweak wording on SSH and PAT expiration settings See merge request gitlab-org/gitlab!64477

Merge branch 'doc-fix-ssh-pat-expiration-settings' into 'master'
Tweak wording on SSH and PAT expiration settings See merge request gitlab-org/gitlab!64477
3b1f6655 · Evan Read · f4aec663 · 9c43bab1 · 3b1f6655 · 3b1f6655
Commit 3b1f6655 authored Jun 21, 2021 by Evan Read
3 changed files
--- a/doc/user/admin_area/credentials_inventory.md
+++ b/doc/user/admin_area/credentials_inventory.md
@@ -38,7 +38,7 @@ The following is an example of the Credentials inventory page:

 If you see a **Revoke** button, you can revoke that user's PAT. Whether you see a **Revoke** button depends on the token state, and if an expiration date has been set. For more information, see the following table:

-| Token state | [Token expiration enforced?](settings/account_and_limit_settings.md#do-not-enforce-personal-access-token-expiration) | Show Revoke button? | Comments |
+| Token state | [Token expiration enforced?](settings/account_and_limit_settings.md#allow-expired-personal-access-tokens-to-be-used) | Show Revoke button? | Comments |
 |-------------|------------------------|--------------------|----------------------------------------------------------------------------|
 | Active      | Yes                    | Yes                | Allows administrators to revoke the PAT, such as for a compromised account |
 | Active      | No                     | Yes                | Allows administrators to revoke the PAT, such as for a compromised account |

--- a/doc/user/admin_area/settings/account_and_limit_settings.md
+++ b/doc/user/admin_area/settings/account_and_limit_settings.md
@@ -199,7 +199,7 @@ Once a lifetime for personal access tokens is set, GitLab:
  allowed lifetime. Three hours is given to allow administrators to change the allowed lifetime,
  or remove it, before revocation takes place.

-## Enforce SSH key expiration **(ULTIMATE SELF)**
+## Allow expired SSH keys to be used **(ULTIMATE SELF)**

 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/250480) in GitLab 13.9.
 > - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/320970) in GitLab 14.0.
@@ -215,15 +215,14 @@ To allow the use of expired SSH keys:

 Disabling SSH key expiration immediately enables all expired SSH keys.

-## Do not enforce Personal Access Token expiration **(ULTIMATE SELF)**
+## Allow expired Personal Access Tokens to be used **(ULTIMATE SELF)**

 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/214723) in GitLab Ultimate 13.1.
 > - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/296881) in GitLab 13.9.

-By default, expired personal access tokens (PATs) cannot be used.
-You can allow the use of expired PATs with the following steps:
+By default, expired personal access tokens (PATs) **are not usable**.

-To do this:
+To allow the use of expired PATs:

 1. On the top bar, select **Menu >** **{admin}** **Admin**.
 1. In the left sidebar, select **Settings > General**.

--- a/doc/user/profile/personal_access_tokens.md
+++ b/doc/user/profile/personal_access_tokens.md
@@ -16,7 +16,7 @@ If you're unable to use [OAuth2](../../api/oauth2.md), you can use a personal ac

 In both cases, you authenticate with a personal access token in place of your password.

-Personal access tokens are required when [Two-Factor Authentication (2FA)](account/two_factor_authentication.md) is enabled. 
+Personal access tokens are required when [Two-Factor Authentication (2FA)](account/two_factor_authentication.md) is enabled.

 For examples of how you can use a personal access token to authenticate with the API, see the [API documentation](../../api/README.md#personalproject-access-tokens).

@@ -82,7 +82,7 @@ Personal access tokens expire on the date you define, at midnight UTC.
 - In GitLab Ultimate, administrators can
  [limit the lifetime of personal access tokens](../admin_area/settings/account_and_limit_settings.md#limit-the-lifetime-of-personal-access-tokens).
 - In GitLab Ultimate, administrators can choose whether or not to
-  [enforce personal access token expiration](../admin_area/settings/account_and_limit_settings.md#do-not-enforce-personal-access-token-expiration).
+  [enforce personal access token expiration](../admin_area/settings/account_and_limit_settings.md#allow-expired-personal-access-tokens-to-be-used).

 ## Create a personal access token programmatically **(FREE SELF)**

@@ -104,10 +104,10 @@ To create a personal access token programmatically:
   ```

 1. Run the following commands to reference the username, the token, and the scopes.
-   
+
   The token must be 20 characters long. The scopes must be valid and are visible
   [in the source code](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/auth.rb).
-   
+
   For example, to create a token that belongs to a user with username `automation-bot`:

   ```ruby
@@ -141,7 +141,7 @@ To revoke a token programmatically:
   ```shell
   sudo gitlab-rails console
   ```
-   
+
 1. To revoke a token of `token-string-here123`, run the following commands:

   ```ruby