New feature: Token access restrictions
Personal access tokens are used to authenticate developer applications in the Buddy API. With the last release, we have further fortified it with two new options: workspace domain restrictions and IP address restrictions.
Use case
A possible use case involves a DevOps engineer managing automation in their company's workspace using a personal access token. This means that members of that workspace can use that token to participate in the automation process. However, if our engineer works in several workspaces at once, there's a risk that users can use the token to access a workspace they to do not belong to. The new restrictions allow you to mitigate this.
How it works
To enable the restrictions, go to the API settings in your user profile and click the token that you want to adjust:
Image loading...
Check the field Access Restrictions to expand the details. Here you can define the workspaces and IP addresses allowed to use the token:
Image loading...
What you need to know
- The name of the workspace is the handle from your workspace URL.
- You can completely disable the API access if required in the workspace settings
Image loading...
You can also define access to individual parts of the system with these scopes in the token details:
- Workspace
- Repositories
- Pipelines
- Webhooks
- Integrations
Jarek Dylewski
Customer Support
A journalist and an SEO specialist trying to find himself in the unforgiving world of coders. Gamer, a non-fiction literature fan and obsessive carnivore. Jarek uses his talents to convert the programming lingo into a cohesive and approachable narration.