
March 30, 2023
New feature: Token access restrictions
Personal access tokens are used to authenticate developer applications in the Buddy API. With the last release, we have further fortified it with two new options: workspace domain restrictions and IP address restrictions.
Use case
A possible use case involves a DevOps engineer managing automation in their company's workspace using a personal access token. This means that members of that workspace can use that token to participate in the automation process. However, if our engineer works in several workspaces at once, there's a risk that users can use the token to access a workspace they to do not belong to. The new restrictions allow you to mitigate this.
How it works
To enable the restrictions, go to the API settings in your user profile and click the token that you want to adjust:
Check the field Access Restrictions to expand the details. Here you can define the workspaces and IP addresses allowed to use the token:
What you need to know
- The name of the workspace is the handle from your workspace URL.
- You can completely disable the API access if required in the workspace settings
You can also define access to individual parts of the system with these scopes in the token details:
- Workspace
- Repositories
- Pipelines
- Webhooks
- Integrations
Share:

Alexander Kus
Customer Success Manager