Wildcard protected branches - JWT token and API say NO!


I got stuck with wildcard protected branches.
An example step by step:

  1. Create a protected wildcard’s branch template in Settings/Repository/Protected Branches, e.g. feature/*
  2. Create a sample branch, e.g. feature/foo
  3. In the UI the branch is protected (is tagged with ‘protected’)
  4. Try to find this branch on the list of protected branches by API, e.g.
curl --header "Authorization: Bearer [redacted]" "https://[redacted]/api/v4/projects/[redacted]/protected_branches" 

Can you see that?
5. If you can try to do some pipeline with that branch and job’s JWT token, e.g.

echo ${CI_JOB_JWT_V2} > ${JWT_FILE}

Can you see that branch protected?

In my case the answer is No for the 4th and 5th, e.g. JWT token snippet

 "ref": "feature/foo",
  "ref_type": "branch",
  "ref_path": "refs/heads/feature/foo",
  "ref_protected": "false",

So, what I’m doing wrong?

gitlab version : 16.x

Gitlab confirms the bug: JWT token payload reflects incorrect branch protection status for merge request pipelines (#420463) · Issues · GitLab.org / GitLab · GitLab