G

GitLab REST API

REST discovered

Details
URL
https://gitlab.com/api/v4
Spec
https://gitlab.com/gitlab-org/gitlab/-/raw/master/doc/api/openapi/openapi_v3.yaml
Docs
https://docs.gitlab.com/api/rest/
Authentication
GitLab OAuth application (client ID + client secret) oauth2 discovered Set up OAuth ↗
Authorization: Bearer <credential> /?access_token=<credential>

Create an OAuth app in GitLab: go to Applications, select Add new application, enter a name and Redirect URI, choose the needed OAuth scopes, then save. GitLab shows an Application ID (client ID) and Secret. GitLab also supports dynamic client registration at oauth/register. OAuth authorize/token endpoints are https://gitlab.com/oauth/authorize and https://gitlab.com/oauth/token. For GitLab.com, glab can also use OAuth login via glab auth login --web or device flow via glab auth login --device.

GitLab personal access token api_key discovered Get key ↗
PRIVATE-TOKEN: <credential> /Authorization: Bearer <credential>

In GitLab.com, open Personal access tokens, choose Generate token > Legacy token, set a name, expiration, and scopes such as read_api or api, then create the token and copy it before leaving the page.

GitLab project access token api_key discovered
PRIVATE-TOKEN: <credential> /Authorization: Bearer <credential>

Open the target project in GitLab.com, then go to Settings > Access tokens as described in Project access tokens. Create a token with the required role and scopes, then copy it when shown. On GitLab.com this requires Premium or Ultimate.

GitLab group access token api_key discovered
PRIVATE-TOKEN: <credential> /Authorization: Bearer <credential>

Open the target group in GitLab.com, then go to Settings > Access tokens as described in Group access tokens. Create a token with the required role and scopes, then copy it when shown. On GitLab.com this requires Premium or Ultimate and is not available during trial.

GitLab CI/CD job token bearer discovered
JOB-TOKEN: <credential>

Run the integration from a GitLab CI/CD job. GitLab exposes the token in the job environment as CI_JOB_TOKEN; docs note it only works for specific API endpoints. For glab, you can log in with glab auth login --job-token $CI_JOB_TOKEN or rely on CI auto-login where supported.