New feature: Token access restrictions |
您所在的位置:网站首页 › gitlab personal access token › New feature: Token access restrictions |
Personal access tokens are used to authenticate developer applications in the Buddy API. With the last release, we have further fortified it with two new options: workspace domain restrictions and IP address restrictions. Use caseA possible use case involves a DevOps engineer managing automation in their company's workspace using a personal access token. This means that members of that workspace can use that token to participate in the automation process. However, if our engineer works in several workspaces at once, there's a risk that users can use the token to access a workspace they to do not belong to. The new restrictions allow you to mitigate this. How it worksTo enable the restrictions, go to the API settings in your user profile and click the token that you want to adjust: Check the field Access Restrictions to expand the details. Here you can define the workspaces and IP addresses allowed to use the token: What you need to knowThe name of the workspace is the handle from your workspace URL.You can completely disable the API access if required in the workspace settingsYou can also define access to individual parts of the system with these scopes in the token details: WorkspaceRepositoriesPipelinesWebhooksIntegrations |
CopyRight 2018-2019 办公设备维修网 版权所有 豫ICP备15022753号-3 |