Access Tokens and Integration Servers


What is it?

This KB article provides a better understanding of how to access tokens in Kiln and its integrations.

Who will use it?

Agents, End-User

How is it used?

Starting in Kiln 2.5.170, a new feature, called Access Tokens, allows CI systems to work with Kiln, without using up a Kiln license. Access Tokens aren’t full-fledged Kiln accounts; they only allow cloning and pulling from Kiln repositories, optionally pushing to them, and working with the JSON API. They also run in two permissions modes: global, and read-only. Read-only allows access to the API and repositories (i.e., cloning and pulling); and global write access allows pushing to all repositories, plus a limited ability to edit some Kiln objects via the API.

Making access tokens is simple. To create one, just go to the Access Tokens page, click Create New Access Token, give it a name, and presto, you’re done. You can change the name at any point just by clicking on the description, giving it a new description, and saving your changes. You can also toggle whether the token is read-only or read and write via the same editing mode.

So, how do you use Access Tokens? It’s easy as pie.

When interacting with Kiln via Mercurial or Git, simply supply the token ID with any password (the password is ignored). When interacting with the API, simply use the access token as your Kiln token.

That’s it. Everything else works as normal.

On a build server, you can put the token in the hgrc file inside a repo’s .hg folder, or in the build user’s Mercurial.ini

If you are using Git on a build server, you can put the token in the config file inside a repo’s .git folder, or in the build user’s .gitconfig file. 


For Git repositories, you can also adjust the URL of the repository to include the Access Token, like the following: