## Summary GitLab now offers [fine-grained permissions for Personal Access Tokens](https://gitlab.com/groups/gitlab-org/-/epics/18177), allowing users to create tokens with specific, limited access to only the resources and operations they need. This new capability replaces the broad legacy scopes like `read_api` and `api` with granular permissions that can be restricted to specific projects and groups, significantly reducing the security blast radius if a token is compromised. Users can now apply the principle of least privilege to their automation and integrations by selecting precise combinations of read and write for different resource types including repositories, issues, pipelines, and more.