Access Tokens Captain Cloud

Currently, Access Tokens are used for:

Generating an Access Token

  • Navigate to your Access Tokens settings page
    • Log in to RWX
    • From the hamburger navigation menu, select "Manage {organization}"
    • Click on "Access Tokens" on the menu on the left
  • Click "Create new"
  • Enter a description, such as "GitHub Actions"
  • Click "Create token"
  • Copy the Access Token (you'll use it in the next section)

GitHub Actions

Set your access token in GitHub's Actions secrets to make it available in your builds:

  • On your organization settings page in GitHub, under the Security heading, Expand the "Secrets and variables" menu, then click on Actions.
  • Click on the "New organization secret" button
  • Enter RWX_ACCESS_TOKEN for the name
  • Paste the Access Token that you generated for the Value
  • Set the Repository access appropriately for the repositories you'd like to integrate into Captain or ABQ
  • Click Add secret

see GitHub's documentation for more information.


Circle has two approaches to setting environment variables: context and project. We recommend using contexts as it allows you to share the token across multiple workflows.

  • On your organization settings page, click on "Contexts"
  • Click on "Create Context" and give it a name. In our documentation, we use a context named "rwx". If you use that name, it'll be easier to copy/paste our example workflows
  • Click on the context, then click "Add Environment Variable"
  • Enter RWX_ACCESS_TOKEN in the "Environment Variable Name" field
  • Paste the Access Token into the "Value" field

Additionally, you can limit member or repository access to the context. See CircleCI's documentation for more information.


Set your access token in GitLab's CI variable settings. For ease of sharing the access token across projects, we recommend setting it at the instance-level if self-hosting GitLab or at the group level if using hosted GitLab. Here's how to set the access token environment variable for a group:

  • On your group's page, hover over "Settings" in the menu on the left and click on "CI/CD"
  • Click on "Variables" to expand it, and then click on "Add Variable"
  • Enter RWX_ACCESS_TOKEN in the "Key" field
  • Paste the Access Token into the "Value" field
  • Leave "Type" set to "Variable" and "Environment scope" set to "All"
  • Ensure that only "Mask variable" is checked ("Protect variable" flag will prevent the CLI from working properly for feature branches. "Expand variable reference" is unnecessary.)

Recovering an Access Token

We do not store Access Tokens in our system; we only save digests. Therefore, we cannot recover a lost Access Token. If you misplaced a token, generate a new one.

Rotating an Access token

You can have as many Access Tokens as you'd like. To rotate a token:

  • Generate a new token per the instructions above
  • Switch your integration to use the new token
  • Log into RWX and revoke the old token