Monorepo access token setup tedious

Regarding service tokens:

I understand the principle of least privilege, scoping everything per project and config.

But when using a Monorepo and something like Turborepo or NX, the access token setup and control can become very tedious for the CI/CD pipeline. For CI I would need one access token that has access to all CI or TEST configs, instead of 10+ tokens, when running many services.

Is there a way to share a token between configs, so it would have access to multiple projects+configs?

EDIT:
Ok, it seems the token (alone) clearly identifies environment + config, and only the token is needed to let Doppler CLI know, what secrets to get, which kind of contradicts the suggestion above.
Still, some best practices for Monorepos would be great in the docs.

By the way: This is one of the best and most useful services I have used in the last years. The dashboard UI is also superb!

Hey @blunick and welcome to the Doppler community.

Glad you got this figured out and we’ll get some monorepo docs added soon.

Out of interest, what CI/CD environment are you using?

Hey @ryan-blunden , that’s great.

We use https://semaphoreci.com/ cause they run on quite fast machines.

Nice! I hadn’t heard of them. Will check them out.

Thanks!