Starting in Kiln 2.5.170, a new feature, called Access Tokens, allows CI systems to work with Kiln, without using up a Kiln license. Access Tokens aren’t full-fledged Kiln accounts; they only allow cloning and pulling from Kiln repositories, optionally pushing to them, and working with the JSON API. They also run in two permissions modes: global, and read-only. Read-only allows access to the API and repositories (i.e., cloning and pulling); and global write access allows pushing to all repositories, plus a limited ability to edit some Kiln objects via the API.

The Access Tokens configuration screen can be access via the Administration menu

Making access tokens is simple. To create one, just go to the Access Tokens page, click Create New Access Token, give it a name, and presto, you’re done. You can change the name at any point just by clicking on the description, giving it a new description, and saving your changes. You can also toggle whether the token is read-only or read and write via the same editing mode.

You can edit tokens just by clicking on them.

So, how do you use Access Tokens? It’s easy as pie.

When interacting with Kiln via Mercurial or Git, simply supply the token ID with any password (the password is ignored). When interacting with the API, simply use the access token as your Kiln token.

That’s it. Everything else works as normal.

On a build server, you can put the token in the hgrc file inside a repo’s .hg folder, or in the build user’s Mercurial.ini file.

kiln.prefix =
kiln.username =  9f5d3162-1678-43d9-ae70-06bc4def15b9
kiln.password = anypassword

If you are using Git on a build server, you can put the token in the config file inside a repo’s .git folder, or in the build user’s .gitconfig file.

name =  9f5d3162-1678-43d9-ae70-06bc4def15b9

For Git repositories, you can also adjust the URL of the repository to include the Access Token, like the following: