@AumPatel1

Description

This pull request adds a new subsection, "Token Revocation," to the Kubernetes authentication documentation under the "Using Authentication Configuration" section. The changes address the absence of full token revocation support in Kubernetes by:

  • Explaining that Kubernetes does not currently support full token revocation for authentication tokens.
  • Recommending the use of short-lived tokens to minimize risks from compromised tokens.
  • Providing an example of a user validation rule using Common Expression Language (CEL) to approximate token revocation. The example uses the jti claim to check a token’s credential ID against a denylist.

These updates aim to guide users on managing token security effectively, based on discussions in issue #51015. The subsection is placed after an existing YAML example and includes a formatted code block for clarity.

Issue

Closes: #51015

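As an added example of the approach the description sketches (this is not the PR's own text and not code from kubernetes/website), here is a complete `AuthenticationConfiguration` that implements the `jti` denylist. It places the check in `claimValidationRules`, where the raw `claims` are in scope for CEL, rejects tokens that carry no `jti` at all (the claim is optional in RFC 7519, and a token without an identifier can never be revoked individually), and copies `jti` into the user's extra attributes so it shows up in audit logs. The issuer URL, audience, extra key, the `groups` claim and the token IDs on the denylist are placeholders chosen for the example.

```yaml
# Added example, not from the PR or from kubernetes/website.
# Issuer URL, audience, extra key, groups claim and the listed token IDs
# are placeholders.
apiVersion: apiserver.config.k8s.io/v1beta1
kind: AuthenticationConfiguration
jwt:
- issuer:
    url: https://issuer.example.com      # placeholder issuer
    audiences:
    - example-cluster                    # placeholder audience
  # Claim validation rules run against the token's claims, before any
  # user mapping happens, so this is where a jti check belongs.
  claimValidationRules:
  # jti is optional in RFC 7519. Reject tokens that lack it: an
  # unidentifiable token cannot be put on the denylist later.
  - expression: "has(claims.jti)"
    message: "token must carry a jti claim"
  # The denylist itself. Adding an entry here is how a token is
  # "revoked"; the entry can be dropped once the token's exp has passed.
  - expression: >-
      !(claims.jti in [
        '00000000-0000-4000-8000-000000000001',
        '00000000-0000-4000-8000-000000000002'
      ])
    message: "token has been revoked"
  claimMappings:
    username:
      claim: sub
      prefix: "oidc:"
    groups:
      claim: groups                      # assumes the issuer emits a groups claim
      prefix: "oidc:"
    # Surface the token ID on the resulting user so audit log entries
    # record which token was used; keys must be domain-prefixed.
    extra:
    - key: "example.com/jti"
      valueExpression: "claims.jti"
  # User validation rules run against the mapped user object
  # (username, uid, groups, extra), not against the claims.
  userValidationRules:
  - expression: "user.groups.all(group, !group.startsWith('system:'))"
    message: "groups cannot use reserved system: prefix"
```

The file is the one passed to kube-apiserver with `--authentication-config`. Because each rule is a static expression, every revocation is an edit to this file, and the denylist grows with the number of revoked tokens; pairing it with short-lived tokens, as the description recommends, keeps the list small because an entry can be removed as soon as the token's `exp` is in the past.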

@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label May 27, 2025
@k8s-ci-robot
Contributor

Welcome @AumPatel1!

It looks like this is your first PR to kubernetes/website 🎉. Please refer to our pull request process documentation to help your PR have a smooth ride to approval.

You will be prompted by a bot to use commands during the review process. Do not be afraid to follow the prompts! It is okay to experiment. Here is the bot commands documentation.

You can also check if kubernetes/website has its own contribution guidelines.

You may want to refer to our testing guide if you run into trouble with your tests not passing.

If you are having difficulty getting your pull request seen, please follow the recommended escalation practices. Also, for tips and tricks in the contribution process you may want to read the Kubernetes contributor cheat sheet. We want to make sure your contribution gets all the attention it needs!

Thank you, and welcome to Kubernetes. 😃

@k8s-ci-robot
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign reylejano for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the language/en Issues or PRs related to English language label May 27, 2025
@k8s-ci-robot k8s-ci-robot requested review from deads2k and lavalamp May 27, 2025 23:05
@k8s-ci-robot k8s-ci-robot added the size/S Denotes a PR that changes 10-29 lines, ignoring generated files. label May 27, 2025
@netlify

netlify bot commented May 27, 2025

Pull request preview available for checking

Built without sensitive environment variables

Name Link
🔨 Latest commit 4d40a1f
🔍 Latest deploy log https://app.netlify.com/projects/kubernetes-io-main-staging/deploys/683645290f120d0008874454
😎 Deploy Preview https://deploy-preview-51093--kubernetes-io-main-staging.netlify.app

Member

@lmktfy lmktfy left a comment


Overall, we should think about keeping the reference page factual and straightforward.

However, the reference docs can and should link to task pages that explain how to achieve relevant outcomes.

- expression: "user.groups.all(group, !group.startsWith('system:'))"
message: 'groups cannot used reserved system: prefix'
```
### Token Revocation
Member

nit: headings should be sentence case (lowercase "r" please)

```
### Token Revocation

Kubernetes does not currently support full token revocation for authentication tokens. To mitigate this, use short-lived tokens to reduce the risk of compromised tokens being used for an extended period. As an alternative, you can approximate revocation by writing user validation rules using Common Expression Language (CEL). For example, you can use the `jti` claim (if present) or any unique token identifier to check against a denylist or revocation list. Note that managing revocation this way can be complex and may not scale well for large systems.
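
Review bot: The closing paragraph of this hunk says the `jti` denylist can be written as a user validation rule, but `userValidationRules` expressions are evaluated against the mapped `user` object (username, uid, groups, extra), not against the token's claims, so a `jti` check belongs in `claimValidationRules`, where `claims` is in scope, or `jti` must first be surfaced through `claimMappings.extra`. The paragraph should also say what the rule does with tokens that have no `jti`, since RFC 7519 makes that claim optional; rejecting them (for example `has(claims.jti) && !(claims.jti in [...])`) is the safe default, because a token without an identifier cannot be revoked later. "Complex and may not scale well" would be more useful as a concrete statement: every revocation is an edit to the kube-apiserver authentication configuration file, and an entry only needs to stay until the token's `exp` has passed, which is the real reason short-lived tokens matter here.
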
Member

Odd to have a section about Token revocation in a reference page, and then explain it's not a thing. That's not the usual way to write reference documentation.

Maybe this should be a task page: how to implement token revocation for your cluster.

What do you think?

Example of a revocation rule using the `jti` claim:

```yaml
userValidationRules:
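
Review bot: `userValidationRules` is shown here at the top level of the YAML, but in `AuthenticationConfiguration` (`apiserver.config.k8s.io/v1beta1`, or `v1` in newer releases) it is a field of each entry under `jwt:`, alongside `issuer`, `claimValidationRules` and `claimMappings`; the example should show that nesting and close the fence so it can be copied into a working file. Since a rule under this key is evaluated against `user`, the snippet also needs the `claimMappings.extra` entry that carries the token ID (for example `- key: "example.com/jti"` with `valueExpression: "claims.jti"`) and must then test `user.extra`, or the check should be moved into `claimValidationRules` where `claims.jti` is directly available.
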
Member

Make sure to explain what component implements userValidationRules

@lmktfy
Copy link
Member

lmktfy commented Aug 3, 2025

/sig auth

@k8s-ci-robot k8s-ci-robot added the sig/auth Categorizes an issue or PR as relevant to SIG Auth. label Aug 3, 2025
@enj enj moved this to Needs Triage in SIG Auth Aug 3, 2025
@enj enj added this to SIG Auth Aug 3, 2025
@aramase aramase moved this from Needs Triage to In Review in SIG Auth Aug 4, 2025
@k8s-ci-robot k8s-ci-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Sep 18, 2025
@k8s-ci-robot
Contributor

PR needs rebase.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.


Labels

cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. language/en Issues or PRs related to English language needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. sig/auth Categorizes an issue or PR as relevant to SIG Auth. size/S Denotes a PR that changes 10-29 lines, ignoring generated files.

Projects

Status: In Review

Development

Successfully merging this pull request may close these issues.

Add note about revocation in structured authentication configuration
