### Problem to solve When you [Restrict pipeline variables](https://docs.gitlab.com/ci/variables/#restrict-pipeline-variables) to `No one` and then [trigger a pipeline via the API](https://docs.gitlab.com/ci/triggers/#trigger-a-pipeline), you receive a `Insufficient permissions to set pipeline variables` error. That's because of the `TRIGGER_PAYLOAD` variable that is always added in https://gitlab.com/gitlab-org/gitlab/-/blob/b5de9978de0b357aa91319efe5e76d0ec1ccb983/app/services/ci/pipeline_trigger_service.rb#L89. This variable is an implementation detail and not a user explicitly setting a pipeline variable. ### Proposal [Triggering a pipeline via the API](https://docs.gitlab.com/ci/triggers/#trigger-a-pipeline) should work regardless of the [Restrict pipeline variables](https://docs.gitlab.com/ci/variables/#restrict-pipeline-variables) setting when the user does not define any variables in the API call. However, the setting should still prevent users from [specifically passing variables](https://docs.gitlab.com/ci/triggers/#pass-cicd-variables-in-the-api-call). There is precedent for adding an exception: https://gitlab.com/gitlab-org/gitlab/-/issues/513148