The Logic command token::delete should implement a check-run-permissions method; only the owner of an AuthenticationToken or someone with the administrative role should be permitted to delete and AuthenticationToken.
Log in to post a comment.