# ERROR: Registration token is expired. Please generate a new registration token on the GitLab admin area. - **ID:** `cicd/gitlab-ci-runner-registration-token-expired` - **Domain:** cicd - **Category:** auth_error - **Verification:** ai_generated - **Fix Rate:** 92% ## Root Cause The GitLab Runner registration token used to register the runner has expired, typically due to a token rotation policy or manual revocation in GitLab settings. ## Version Compatibility | Version | Status | Introduced | Deprecated | |---------|--------|------------|------------| | GitLab 16.8 | active | — | — | | GitLab Runner 16.7.0 | active | — | — | ## Workarounds 1. **Generate a new registration token from GitLab admin area: go to Admin > CI/CD > Runners, click 'Register a runner', copy the new token. Then re-register the runner: `sudo gitlab-runner unregister --name my-runner && sudo gitlab-runner register --url https://gitlab.com --registration-token NEW_TOKEN --non-interactive --executor docker --description my-runner`.** (95% success) ``` Generate a new registration token from GitLab admin area: go to Admin > CI/CD > Runners, click 'Register a runner', copy the new token. Then re-register the runner: `sudo gitlab-runner unregister --name my-runner && sudo gitlab-runner register --url https://gitlab.com --registration-token NEW_TOKEN --non-interactive --executor docker --description my-runner`. ``` 2. **If using GitLab CI/CD variables, update the `CI_REGISTRATION_TOKEN` variable in the project or group settings with the new token, then trigger a pipeline that re-registers the runner automatically.** (85% success) ``` If using GitLab CI/CD variables, update the `CI_REGISTRATION_TOKEN` variable in the project or group settings with the new token, then trigger a pipeline that re-registers the runner automatically. ``` ## Dead Ends - **** — The token is stored in the runner's config.toml and is expired on the server side; restarting does not refresh it. (95% fail) - **** — Manually editing the token without proper registration can cause authentication failures; GitLab expects the token to be generated and associated with a specific runner. (80% fail)