Feature Description

It would be nice to have a more limited access token than user access token.

• A Repository-level access token should only be able to read/write its repository, call /repos/ API endpoints and configure repository webhooks.

• An Organization-level access token should be able to authenticate to /orgs/ endpoints and do the same things as Repository-level access token for all the repositories inside it.

I'm a long time GitLab user, so this is just my way of wanting its feature in Gitea. Also, Repository and Organization access token should also have configurable scopes at creation time.

Ref: https://docs.gitlab.com/ee/security/token_overview.html

Screenshots

No response