Hello,

Regarding API tokens:

- Security: API tokens should be at the project level, not the organization level.

- Notification: When a token is about to expire, whether it's a storage or API token, a notification should be sent to the administrator.

Thanks, best regards.