doc/auth/tokens/fine_grained_access_tokens_other.md
{{< details >}}
{{< /details >}}
{{< history >}}
{{< /history >}}
A fine-grained personal access token can access only the resources and permissions you grant it. To use one with Git and other operations, create a token and define its scope. For more information, see fine-grained personal access tokens.
In the following tables:
A fine-grained personal access token used as the password for Git over HTTPS must have the following permissions:
| Operation | Resource | Permission | Access |
|---|---|---|---|
| Clone or pull a project repository | Code | Download | Project |
| Push to a project repository | Code | Push | Project |
| Clone or pull a wiki | Wiki | Read | Project, Group <sup>1</sup> |
| Push to a wiki | Wiki | Create | Project, Group <sup>1</sup> |
| Clone or pull a snippet | Snippet | Read | Project, User <sup>2</sup> |
| Push to a snippet | Snippet | Update | Project, User <sup>2</sup> |
| Download Git LFS objects | Code | Download | Project |
| Upload Git LFS objects | Code | Push | Project |
Footnotes:
A fine-grained personal access token used to sign in to the container registry must have the following permissions:
| Operation | Resource | Permission | Access |
|---|---|---|---|
| Pull container images | Container Repository | Read | Project |
| Delete container images and tags | Container Repository | Delete | Project |
[!note] You cannot use fine-grained personal access tokens to push container images.
A fine-grained personal access token used to sign in to the dependency proxy must have the following permissions:
| Operation | Resource | Permission | Access |
|---|---|---|---|
| Pull container images through the dependency proxy | Dependency Proxy | Read | Group |
| Operation | Resource | Permission | Access |
|---|---|---|---|
| Download a repository archive | Code | Download | Project |
| Download a release asset from a direct link | Release | Read | Project |
A fine-grained personal access token used to authenticate RSS or iCalendar feed requests must have the following permissions:
| Feed | Resource | Permission | Access |
|---|---|---|---|
| User activity | Activity | Read | User |
| Project activity | Event | Read | Project |
| Group activity | Event | Read | Group |
| Project commits | Code | Read | Project |
| Project tags | Code | Read | Project |
| Issues and work items, including calendars | Work Item | Read | Project, Group, User |
| Merge requests | Merge Request | Read | Project, Group |
| Your projects | Project | Read | User |
| Personal access token expiration calendar | Personal Access Token | Read | User |
| Operation | Resource | Permission | Access |
|---|---|---|---|
| Forward editor extension telemetry events | Editor Telemetry | Create | User |
| Receive live comment updates over WebSocket | Work Item | Read | Project, Group |