Gitlab access token for a single project or group?
Is there a way to make an access token that is only usable for one project? It seems there are only personal access tokens, which gives access to all of my projects.
Yes!
See GitLab 13.3 (August 2020)
Project access tokens
Project level access tokens allow access to a project without the need to provision a new GitLab user.
Project access tokens can be generated by project Maintainers or Owners and be used to authenticate with the GitLab API.
Project access tokens will be authorized as Maintainers.This new functionality will make programmatic access to GitLab easier, more secure, and less cost prohibitive.
See Documentation and Issue.
See also GitLab 13.5 (October 2020)
Project access tokens for GitLab.com
In GitLab 13.3, we introduced project-level access tokens for self-managed instances, allowing access to a project without the need to provision a new user.
We are now making project-level access tokens available in GitLab.com! Project access tokens can be generated by project Maintainers or Owners and be used to authenticate with the GitLab API and Git. Project access tokens will not increase the licensed seat count and are authorized as Maintainers. This new functionality will make programmatic access to GitLab easier, more secure, and less cost prohibitive.
See Documentation and Epic.
See GitLab 14.1 (July 2021)
Select project access token role
Select project access token role
Users can now specify the level of access that a project token should have on the project level upon creation and can view existing project access token roles.
Prior to this release, project access tokens had the Maintainer role. For some users, this role included elevated permissions that were not required.
To avoid abuse, this feature is available for all users except for free GitLab SaaS accounts. All self-managed users as well as Premium and Gold SaaS customers can now easily select and view the appropriate role for their project access tokens.
See Documentation and Issue.
And don't forget about group access token, that you now can create with API or UI since GitLab 14.7 (Jan. 2022).
Deploy keys allow read-only or read-write (if enabled) access to one or multiple repository. Deploy keys can be used for CI, staging or production servers. You can create a deploy key or add an existing one.
Docs: https://docs.gitlab.com/ee/user/project/deploy_tokens/