General Info




Apache 2.0


free, open-source

Plugin Description

Allows to delegate agent authorization to the agent machine administrators.


Basic implementation completed. Can be unstable in non-basic use.


1. Set internal property agent.authorize.tokens to a set of comma-separated values in the format "name:secureToken:limit:agentPoolId"
For example:

Default agents pool has id "0", other agentPoolId values you can look up in the list by REST URL http://SERVER_URL/app/rest/agentPools
The only currently supported "limit" is "1".

2. On unauthorized agent, add "teamcity.magic.authorizationToken" configuration parameter into buildAgent.propertes file with the value of the token
For example:

3. Once connected, the agent is authorized noting the token name in the authorization comment and is moved to the agent pool specified by the id in the step 1.
Further agents connected with the same token will not be authorized.

Each token can be used to authorize a single agent only.

Known Issues

If an authorized agent is unauthorized or deleted form the server, another agent can connect with the authorization token.
The only currently supported "limit" is "1".


Last build on public TeamCity server.

TeamCity Versions Compatibility

Compatible with TeamCity 8.0 and later.


Copy the plugin zip into the <TeamCity Data Directory>/plugins directory (more on this).


Everybody is encouraged to try the plugin and provide feedback in the forum or post bugs into the issue tracker.
Please make sure to note the plugin version that you use.

Development links

<builds are not yet available>

[Builds|] at JetBrains public TeamCity instance.

Related Materials

Original issue: TW-33377

h2. (Internal) My future interest
- polish, test the plugin, improve logging, etc.
- make it publicly available for those interested, use it on buildserver
- Implement ability in the core to remove agent properties, use this in the plugin
- implement UI for the plugin instead of using