Describe the issue: As a user I'd like to know how can I invalidate a service account token and then create a new one. Possible use case is when token becomes exposed to untrusted parties and needs to be replaced Suggestions for improvement: Write a section in the service account documentation with explanation how to manage tokens. https://docs.openshift.com/enterprise/3.0/admin_guide/service_accounts.html
The "Managing Service Accounts" section[1] has been added since this BZ was opened, which includes the following: "The generated API token and registry credentials do not expire, but they can be revoked by deleting the secret. When the secret is deleted, a new one is automatically generated to take its place." [1] https://docs.openshift.com/container-platform/3.11/admin_guide/service_accounts.html#admin-managing-service-accounts