[BE] Config: New graphql mutation to create fine-grained PAT

We need a mutation that allows a fine-grained personal access token to be created.

Proposed mutation

mutation {
  personalAccessTokenCreate(input: {
    name: "Token name"
    description: "Token description"
    expiresAt: "2025-10-03T02:10:43Z"
    permissions: [
      { value: "SOME_PERMISSION", namespace: "gid://gitlab/Group/1" }, # group permission
      { value: "SOME_PERMISSION", namespace: "gid://gitlab/Project/2" }, # project permission
      { value: "SOME_PERMISSION", namespace: "gid://gitlab/User/3" }, # user permission
      { value: "SOME_PERMISSION", namespace: null } # instance permission
    ]
  }) {
    errors
    personalAccessToken {
      ...
    }
  }
}

Field	Description
`name`	Name of the token
`description`	Description of the token
`expiresAt`	Timestamp that the token expires at
`permissions`	Array of permissions that the token grants. The `value` is the token's unique identifier. `namespace` is the namespace of the boundary that the token belongs to. It can either be a group, user, project, or null (meaning an instance permission)

Edited Oct 17, 2025 by 🤖 GitLab Bot 🤖