Job token


Job token

Every job has a dedicated job token

Job tokens can be used to authenticate:

Job token inherits the access level of triggering user

When using schedules the creator of the schedule is used

Configure the allowlist for foreign job tokens


Heads-Up: Deprecation in GitLab 16.6

Breaking change in behavior of token scope

Before 16.6

Allowlist of projects a token is allowed to access

Defined outgoing permissions

Starting with 16.6

Allowlist of projects to allow access from

Defines incoming access


Pro tip: Clone across projects

Works if cloned project is public or internal

Works if source project is in allowlist of target project