---
title: Restrict Personal Access Tokens to API scope on web requests
merge_request:
author:
type: security