Capabilities
Pipelines→
Build the CI/CD workflows you need.
Test Engine→
Remove flaky tests, split tests, optimize performance.
Package Registries→
Speed up builds, lock down security.
Mobile Delivery Cloud→
Supercharge your mobile app delivery.
Flexible compute
Self-hosted agents Mac hosted agents Linux hosted agents
The Buildkite Platform→
Continuous Integration that provides teams with the speed to ship software at scale.
Agentic workflows→
Building blocks for AI-powered CI.
Replace Jenkins
Shift your software delivery into high gear.
Workflows for MLOps
Shift your software delivery into high gear.
Testing at scale
Deliver quickly and confidently, at any scale.
Monorepo mojo
Scale your monorepo without scaling your problems.
Bazel orchestration
Unlock full-speed Bazel with dynamic pipelines and unlimited scale.
Example pipelines
Browse a collection of quick-start pipeline examples.
Webinars
Register for upcoming sessions or watch on-demand recordings.
Blog
Insights from the team building Buildkite.
Public pipelines
See public and open source projects powered by Buildkite.
Case studies
Real-world customer success stories.
Events
Join us at industry conferences and community meetups.
Changelog Plugins Migration Services Newsletter
Follow Buildkite

About

The people behind the world's fastest CI platform.

Careers

Join the team!

pipeline.yaml

name: "Join Buildkite"
description: "Fetch all jobs, filter by relevance, and apply"
steps:
  - command: "curl -X GET 'https://boards-api.greenhouse.io/v1/boards/buildkite/jobs' \ -H 'Content-Type: application/json' \ -v"
    label: ":terminal: Fetch latest jobs"

Press and news Legal Security Brand assets

Follow Buildkite

Contact

Resources
/
Changelog
/
Read-only mode for GraphQL API tokens

April 16, 2026

Read-only mode for GraphQL API tokens

User API access tokens now have an explicit GraphQL access mode. You can create tokens that can run GraphQL queries but not mutations.

When creating or editing a user API access token, the GraphQL permission offers three options:

Disabled: No GraphQL API access
Read-only: Can run queries, but mutations are rejected
Full access: Can run both queries and mutations

GraphQL access mode options for API tokens

Key details

Existing tokens are unaffected: All previously created GraphQL-enabled tokens continue to work with full access.
Mutation guard: Read-only tokens are blocked before any mutation code runs, so there is no risk of partial side effects.
Audit visibility: The selected GraphQL access mode is displayed in the token summary and the organization API access audit view.

For more information, see the API access tokens documentation.

Lachlan

Atom feed

Start turning complexity into an advantage

Create an account to get started for free.

Get started free

Capabilities

Pipelines→

Test Engine→

Package Registries→

Mobile Delivery Cloud→

Flexible compute

The Buildkite Platform→

Agentic workflows→

Replace Jenkins

Workflows for MLOps

Testing at scale

Monorepo mojo

Bazel orchestration

Example pipelines

Webinars

Blog

Public pipelines

Case studies

Events

Follow Buildkite

About

Careers

Follow Buildkite

Read-only mode for GraphQL API tokens

Key details

Lachlan

Start turning complexity into an advantage

Platform

Hosting options

Resources

Company

Solutions

Legal

Support