GitLab - Create A Project Access Token
This tutorial will show you how to create a token for a specific project.
These tokens are tied to a project, rather than to a user, so they may not get revoked if an administrator was to ban/block/delete the user that created them. It also means the token is rather more restricted, only gaining access to one project instead of all the projects the user has access to.
Project access tokens are generally than deployment keys in my opinion, because they restrict the server to accessing just that project, unlike a deployment key, which has read-only access to all the projects the user has. Thus if the server was to become compromised, the damage is far less severe.
Related Posts
Steps
- Navigate to your poject and click on Settings
- Then click on Access Tokens
- Give a name for your token to remember it by. This is important for if you ever need to revoke it for security reasons (e.g. will know which one to revoke).
- Optionally give the token an expiry date. Generally a good idea.
- Set the access level the token provides.
- Click Create project access token
- Your newly generated token will appear at the top.
- You can click the clipboard button to the right of it to copy it to your clipboard.
The token will appear in the list of active personal tokens down the page. You can click the Revoke button to delete it, thus removing the access permissions to whatever service was making use of it.
Usage
Once you have generated a project access token, you can use it to clone a repository with git clone like below (substituting out the {}
variables).
git clone https://{deploy-key-name}:{deploy-key-token}@gitlab.mydomain.com/my-group/my-project-name.git
Once cloned this way, you can perform pulls which will continue to use that token.
First published: 16th February 2021