Grant a service token database access

automation & ci

// what it does

Grants specific permissions on a specific database to a token — create_branch, read_branch, delete_branch, create_deploy_request, and friends — or org-level grants like create_databases. Tokens start with zero access, so this is where their power is defined.

// shell

$ pscale service-token add-access <token-id> create_branch read_branch delete_branch --database mydb
$ pscale service-token add-access <token-id> create_deploy_request read_deploy_request --database mydb

// gotcha

Grant the minimum the pipeline needs: a CI that creates preview branches needs create_branch/delete_branch on one database, not org admin. The full permission list lives in the API docs — check it rather than guessing names.

// resources