Getting a group access token · GitLab Pages Publisher

What is a group access token?

The publisher needs permission to create and update apps in your team's GitLab group on your behalf. A group access token is a long password-like string that grants exactly that — for one group, with a role and an expiry you choose. You paste it into the publisher once per session; it's never saved to disk.

💡 One token can be shared by everyone on the team who publishes. Whoever creates it just needs to be an Owner of the group.

Create the token

Open your team's group in GitLab (the group that should hold all the published apps — not a single project).
In the left sidebar, go to Settings › Access tokens.
Click Add new token and give it a recognisable name, e.g. pages-publisher.
Set an expiration date. A short one (a few weeks) is safest — you can always create a new token later.
Choose the role Maintainer (or Owner). This is required so the token can create new apps in the group.
Under scopes, tick api only. Nothing else is needed.
Click Create group access token.
Copy the token now — GitLab shows it only once. Then paste it into the publisher on the sign-in step.

Settings at a glance

Name	anything memorable, e.g. `pages-publisher`
Expiration	a short date — renew when it lapses
Role	Maintainer or Owner (needed to create apps)
Scopes	`api` (and only that)

Keep it safe

Treat the token like a password — don't email it or paste it into chats.
The publisher keeps it in your browser for the current session only; it's never written to disk and only ever sent to your own GitLab server.
If a token leaks, go back to Settings › Access tokens, revoke it, and create a new one.

Troubleshooting

"This token isn't linked to a group it can publish into"

The token may be a personal access token rather than a group access token, or its role is too low. Create it from inside the group (step 2 above) with the Maintainer role.

"…isn't allowed to create new apps in the group"

The token authenticated but can't create projects. Ask a group Owner to (1) give the token at least the Maintainer role, and (2) under Group › Settings › General › Permissions, allow members to create projects.

"That token didn't work"

Double-check you copied the whole token (they're long), that it hasn't expired, and that the api scope is selected. If in doubt, create a fresh one.

I can't find "Access tokens" in the group settings

You need to be an Owner of the group to create group access tokens. Ask a group owner to make the token and share it with the team.