Allowlist for Use by Project Access Tokens Defined at the Organization Level

Problem to solve

A top 50 Ultimate, SaaS customer has requested this feature proposal.

Use Case: Slack thread (internal)

"Is there a way to create an allowlist for use by project access tokens defined at the organization level? If we have a 3rd party tool that is doing something inside our repos, how can we ensure that we limit the blast radius if that key gets exposed?"

Proposal

Create an allowlist for project access tokens (PrATs) at the group or organizational level to limit the exposure of PrATs to specific allowed tools and functions.

