From cbc4bcfa95b1ab2c280e029e71bd5e1fb297b654 Mon Sep 17 00:00:00 2001
From: Massimo Prencipe <mprencipe@gmail.com>
Date: Thu, 21 Mar 2024 16:10:20 +0200
Subject: [PATCH 1/2] Disable automatic API key generation for teams. Fixes
 issue #2552.

Signed-off-by: Massimo Prencipe <mprencipe@gmail.com>
---
 .../java/org/dependencytrack/resources/v1/TeamResource.java     | 2 +-
 .../java/org/dependencytrack/resources/v1/TeamResourceTest.java | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/main/java/org/dependencytrack/resources/v1/TeamResource.java b/src/main/java/org/dependencytrack/resources/v1/TeamResource.java
index 2bb2389219..7dc67a54ab 100644
--- a/src/main/java/org/dependencytrack/resources/v1/TeamResource.java
+++ b/src/main/java/org/dependencytrack/resources/v1/TeamResource.java
@@ -132,7 +132,7 @@ public Response createTeam(Team jsonTeam) {
         );
 
         try (QueryManager qm = new QueryManager()) {
-            final Team team = qm.createTeam(jsonTeam.getName(), true);
+            final Team team = qm.createTeam(jsonTeam.getName(), false);
             super.logSecurityEvent(LOGGER, SecurityMarkers.SECURITY_AUDIT, "Team created: " + team.getName());
             return Response.status(Response.Status.CREATED).entity(team).build();
         }
diff --git a/src/test/java/org/dependencytrack/resources/v1/TeamResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/TeamResourceTest.java
index 59e73d07b5..0d7cc142cb 100644
--- a/src/test/java/org/dependencytrack/resources/v1/TeamResourceTest.java
+++ b/src/test/java/org/dependencytrack/resources/v1/TeamResourceTest.java
@@ -134,6 +134,7 @@ public void createTeamTest() {
         Assert.assertNotNull(json);
         Assert.assertEquals("My Team", json.getString("name"));
         Assert.assertTrue(UuidUtil.isValidUUID(json.getString("uuid")));
+        Assert.assertTrue(json.getJsonArray("apiKeys").isEmpty());
     }
 
     @Test

From 61e9140d8fafec92022f32619d282bf116c53283 Mon Sep 17 00:00:00 2001
From: Massimo Prencipe <mprencipe@gmail.com>
Date: Thu, 21 Mar 2024 16:18:27 +0200
Subject: [PATCH 2/2] Fix documentation

Signed-off-by: Massimo Prencipe <mprencipe@gmail.com>
---
 docs/_docs/integrations/rest-api.md | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/docs/_docs/integrations/rest-api.md b/docs/_docs/integrations/rest-api.md
index 1e3dc80522..53efd08b76 100644
--- a/docs/_docs/integrations/rest-api.md
+++ b/docs/_docs/integrations/rest-api.md
@@ -15,7 +15,6 @@ FireFox extensions can be use to quickly use the Swagger UI Console.
 
 ![Swagger UI Console](/images/screenshots/swagger-ui-console.png)
 
-Prior to using the REST APIs, an API Key must be generated. By default, creating a team will also create a corresponding
-API key. A team may have multiple keys.
+Prior to using the REST APIs, an API Key must be generated. By default, creating a team will NOT create a an API key. A team may have multiple keys.
 
 ![Teams - API Key](/images/screenshots/teams.png)