When you update a GitLab token in Cortex, adding a new configuration and removing the old one is the correct approach. However, you must also ensure that all references (such as in Scaffolders or Workflows) are updated to use the new configuration. If any templates or workflows are still referencing the old (now invalid) token, you will continue to see errors until those are updated to point to the new, valid configuration.
The "Configuration is valid!" message only confirms that the token can connect to GitLab at a basic level. It does not guarantee that all features (like webhooks, branch protection, or MR creation) will work, especially if permissions or references are misconfigured.
Ensure the new token has the correct permissions: it should have the api scope and be created by a user with at least the Maintainer role in GitLab.
The token configured in GitLab must match the one expected by Cortex. If you rotated the token in Cortex but did not update the webhook secret/token in GitLab, requests will be rejected.
If you still need troubleshooting assistance, please reach out to support providing logs and confirmation of what version you're currently running.