Skip to main content

Read the security model

Deploy tokens are the automation counterpart to human-linked devices.

What a Deploy Token Is

A deploy token is a scoped automation identity that can fetch and decrypt one environment without using a human session. Each token issues two secrets:
  • GHOSTABLE_CI_TOKEN for API authentication.
  • GHOSTABLE_DEPLOY_SEED for the private cryptographic material used by the runner.

When to Use One

Deploy tokens are the right choice for:
  • CI pipelines.
  • Build runners.
  • Deployment hooks.
  • Scheduled automation.
They are not meant for local development or interactive team workflows.

Lifecycle Expectations

Treat deploy tokens like production credentials:
  • Scope them narrowly, ideally one token per environment.
  • Rotate them on a schedule or after exposure.
  • Revoke them immediately when a runner is retired.
  • Store both values in a proper secret manager.

Continue with Your Client

Create from Desktop

Use the environment Deploy Tokens view to issue, rotate, and revoke secrets.

Create from CLI

Use the CLI to issue automation credentials from a trusted workstation.