The remote API uses access tokens to authorize requests. You can retrieve an access token in the Drone user interface by navigating to your user profile. Authorization to the API is performed using the HTTP Authorization header. Provide your token as the bearer token value.
If your repository is private or requires authentication to clone, Drone injects the credentials into your pipeline environment. Drone uses the oauth2 token associated with the repository owner as the clone credentials.
Step 1: Revoke the token
- On the DroneCI page, click on your avatar, then Account
- Click on Security
- In the API Tokens section, find the compromised token
- Click on Delete
Step 2: Monitor for abuse
Updated 16 days ago