Policies to disable authentication methods
As we add support for more secure alternatives such as Managed Identities and Service Principals that reduce the need for PATs and other stealable secrets, administrators need new control plane policies to improve authentication security by reducing and even blocking the usage of less secure authentication methods. We will introduce new control plane policies that administrators can use to reduce or turn off use of less secure authentication methods like basic auth (plain text user name and password), Personal Access Tokens (PATs) and SSH keys. These policies will come with an exception list that allows admins to gradually reduce the use of these less secure methods without disrupting their critical business processes.