Scoped API tokens
Give CI and coding agents a token scoped to deploy, env, or read-only — optionally bound to one app.
A full-account token can do everything: delete apps, read every app's data, manage billing. That's more than a deploy pipeline needs. You can now mint a scoped token instead:
bunx percher token create ci --scope deploy --app my-appScopes are deploy (publish, roll back, read logs), env (set and read env vars), read (GETs only), and full. Add --app to bind a token to a single app. List them with percher token list and revoke a leaked one with percher token revoke <id>. The secret is shown once.