summaryrefslogtreecommitdiff
path: root/doc/security/token_overview.md
diff options
context:
space:
mode:
Diffstat (limited to 'doc/security/token_overview.md')
-rw-r--r--doc/security/token_overview.md6
1 files changed, 3 insertions, 3 deletions
diff --git a/doc/security/token_overview.md b/doc/security/token_overview.md
index c00e5bff383..4e72033fd77 100644
--- a/doc/security/token_overview.md
+++ b/doc/security/token_overview.md
@@ -71,7 +71,7 @@ You can use the runner registration token to add runners that execute jobs in a
After registration, the runner receives an authentication token, which it uses to authenticate with GitLab when picking up jobs from the job queue. The authentication token is stored locally in the runner's [`config.toml`](https://docs.gitlab.com/runner/configuration/advanced-configuration.html) file.
-After authentication with GitLab, the runner receives a [job token](../api/index.md#gitlab-cicd-job-token), which it uses to execute the job.
+After authentication with GitLab, the runner receives a [job token](../ci/jobs/ci_job_token.md), which it uses to execute the job.
In case of Docker Machine/Kubernetes/VirtualBox/Parallels/SSH executors, the execution environment has no access to the runner authentication token, because it stays on the runner machine. They have access to the job token only, which is needed to execute the job.
@@ -79,7 +79,7 @@ Malicious access to a runner's file system may expose the `config.toml` file and
## CI/CD job tokens
-The [CI/CD](../api/index.md#gitlab-cicd-job-token) job token
+The [CI/CD](../ci/jobs/ci_job_token.md) job token
is a short lived token only valid for the duration of a job. It gives a CI/CD job
access to a limited amount of API endpoints.
API authentication uses the job token, by using the authorization of the user
@@ -105,7 +105,7 @@ This table shows available scopes per token. Scopes can be limited further on to
1. Limited to the one project.
1. Runner registration and authentication token don't provide direct access to repositories, but can be used to register and authenticate a new runner that may execute jobs which do have access to the repository
-1. Limited to certain [endpoints](../api/index.md#gitlab-cicd-job-token).
+1. Limited to certain [endpoints](../ci/jobs/ci_job_token.md).
## Security considerations
View Lorry Controller Status