The goal of this issue is to create a new config setting that when set to 1 it will prevent Super Users from seeing other users' token_auth.
Manage userswill only show the first few letters of the token_auth.
This will increase security in some Piwik setups where Super User access are widely shared. In this configuration, it is more secure to prevent Super Users from authenticating as other users and issuing API requests using another users'
The more I see features about Super User being less and less "super", the more I think a new level of user would be better...
Super User = Almighty, access via SSH, updates, install plugins
Piwik supervisor = See all sites, can add users and other actions but with limitations from #6346 , #6348 , #6324
Users = as we know them
@gaumondp Thanks for suggestion but I don't think we need a new type of users, it would be less clear maybe. also adding a new role now is complicated. I would prefer to have good defaults and for the few users who want to configure differently make it easy for them (via config setting).
Tokens now hidden for all super users in Piwik 3