Decouple API Tokens from User Password and Support Multiple Tokens

Currently, each user can generate only a single API token, and that token is tied to the user's password. As a result, whenever the user changes their password, the API token also changes.

This behavior creates a significant limitation: users cannot regularly update their password without breaking any active integrations relying on that token.

Requested Enhancement:

I would like to propose the introduction of a more flexible API token management system, aligned with what is already standard in many modern services and platforms:

• Allow users to generate multiple API tokens
• Ensure tokens are independent from the user’s password
• Provide the ability to assign a custom name/label to each token (to identify its usage)
• Allow individual tokens to be revoked/disabled without impacting others

Benefits:

• Enables secure password rotation without disrupting integrations
• Improves security through fine-grained token management
• Aligns Jitbit Helpdesk with widely adopted API authentication practices