JetBrains Space Help

Authorize in Packages

Private and public repositories

Repositories in Space Packages are project-wide entities. There are two types of repositories:


Only authorized users can access private repositories. The access is managed by the Package Repositories permissions group. By default:

  • Project Member has Read, Write, and Create permissions.

  • Organization Member has only Read permission.

  • Project Admin in addition to Read, Write, and Create, has the Admin permission that allows editing and deleting repositories.

  • Automation Service has Read and Write permissions. When an Automation job pulls or pushes packages, it uses this predefined role to access repositories.


All unauthorized users have Read permission to public repositories.

To change the repository access type

  1. Find the required repository.

  2. Open repository settings.

  3. Choose Public access or Private access.

To change repository access permissions for a role

  1. Find the required project.

  2. Open Project Settings → Access.

  3. In the list of roles on the left, choose the role for which you want to change access permissions.

  4. Set required permissions in the Package Repositories group.


Packages support a number of authorization ways:


Use case

Using your Space username and password

(Not recommended)

Accessing a repository with a tool like docker, mvn, dotnet, and so on.

Using your Space username and personal token

Accessing a repository with a tool like docker, mvn, dotnet, and so on.

Using an application account

Accessing a repository from an external service, for example, a CI/CD server.

No authorization (only public repositories)

Accessing publicly available repositories.

To authorize with your Space user account

  • When asked for credentials, specify your Space username and password. We strongly recommend that you use a personal permanent token instead of a password:

    1. To create a token, go to My Profile | Authentication | Personal Tokens and choose New personal token.

    2. When creating the token, provide it as minimum permissions as possible:

      • In Token permissions, select Limited access.

      • With Add context, you may limit the token with access only to repositories of a particular project.

      • Edit the particular permission context: add Read package repositories and Write package repositories for giving Read and Write access correspondingly.

    3. Copy the generated permanent token to a secure place.

    4. When a tool or an application asks you for the password, you should specify this token instead.

To authorize with an application account

  1. On the main menu, click Extensions Extensions and choose Installed.

  2. Click New Application.

  3. Specify the account Name.

  4. Click Edit requested rights and provide the account as minimum rights as possible. To work with Packages, only rights from the Package repositories group are required.

  5. After the application is created, switch to the Authorization tab.

  6. Click Add project and select projects. The account will get access only to the repositories of the selected projects.

  7. Switch to the Permanent Tokens tab and click New permanent token.

  8. Copy the generated permanent token to a secure place.

  9. Open the Authentication tab and copy the Client ID field.

    Application account for Packages
  10. When a tool or an application asks you for credentials, specify the copied Client ID as a username and the generated permanent token as a password.

Last modified: 20 April 2023