There is a way to authenticate for calls to the Gitlab API from within CI Jobs with the CI_JOB_TOKEN variable, but this seems to only work on the Enterprise Edition Premium, neither Community Edition nor the Enterprise Edition Starter.
Is there any way to access the Gitlab CI API (e.g. for downloading artifacts and querying jobs) without having to use the personal access token of a regular user (which would require a dedicated user to stay secure) for Community Edition or Enterprise Starter?
I believe not. The only way would indeed be to create a user with an access token and inject that through CI secrets.