Inventory Token Types, Scopes, and Entities
| Scope | Token | Internal Team Owner | Purpose |
|---|---|---|---|
| User | Session Cookie | User authorization | |
| User | OAuth Tokens | groupauthentication | User authentication |
| Project | LFS Token | LFS operation authorization | |
| User | Personal Access Token | groupauthentication | |
| Project | Project Access Token | groupauthentication | |
| Group | Group Access Token | groupauthentication | |
| Build / Project | CI Job Token | groupauthentication (as of 17.10) | Authorize CI operations on behalf of users |
| Runner | CI Runner | grouprunner | Pick jobs |
| Project | CI Trigger API | Trigger CI pipeline | |
| Instance-wide | Instance-wide Runner Registration Token | grouprunner | Register Runner (deprecated) |
| Group | Group Runner Registration Token | grouprunner | Register Runner (deprecated) |
| Project | Project Runner Registration Token | grouprunner | Register Runner (deprecated) |
| Project | Project Deploy Token | Git, registry, package access (potentially write) | |
| Project | Registry JWT Token | Authorize user access to Registry | |
| Instance-wide | Health-Check Token | Get metrics or liveness probes | |
| Instance-wide | Error Tracking | ? | |
| User | Incoming Email Token | groupauthentication | Create issue on email |
| User | Feed token | groupauthentication | Get user activitiy |
| Feature Flags, Project? | Unlesh API | Get feature flags from GitLab | |
| Clusters | Agent Token | ? | |
| Group | SAML Discovery Token | groupauthentication | ? |
| User or email | Confirmation token | groupauthentication | Confirm user email |
Edited by Hannah Sutor