New feature: Token access restrictions

March 30, 2023

New feature: Token access restrictions

Personal access tokens are used to authenticate developer applications in the Buddy API. With the last release, we have further fortified it with two new options: workspace domain restrictions and IP address restrictions.

Use case

A possible use case involves a DevOps engineer managing automation in their company's workspace using a personal access token. This means that members of that workspace can use that token to participate in the automation process. However, if our engineer works in several workspaces at once, there's a risk that users can use the token to access a workspace they to do not belong to. The new restrictions allow you to mitigate this.

How it works

To enable the restrictions, go to the API settings in your user profile and click the token that you want to adjust:

Check the field Access Restrictions to expand the details. Here you can define the workspaces and IP addresses allowed to use the token:

What you need to know

  • The name of the workspace is the handle from your workspace URL.
  • You can completely disable the API access if required in the workspace settings

You can also define access to individual parts of the system with these scopes in the token details:

  • Workspace
  • Repositories
  • Pipelines
  • Webhooks
  • Integrations

Share:

Alexander Kus

Alexander Kus

Customer Success Manager

A story-teller and conversation-lover, Alexander decided to invest his skills to help his friends at Buddy transform the cold language of patch notes into exciting narratives. Also: an avid gamer, hip-hop DJ, Liverpool FC fan, absentminded husband, and the father of two.