API to auth with login and password

api
#1

So, I’d like to build app to view repository. To build app I will use Gitlab API.
First I need user to be authenticated by his login/password, can you provide me with the link explaining what endpoint should I use to auth user with login/password?
There are OAuth 2 Tokens, Private Tokens, Impersonation tokens, GitLab as an OAuth2 provider but which of them suits to my needs?

0 Likes

#2

The answer depends on whether or not you’re using GitLab.com or a self-managed instance. If the former, then impersonation tokens and authenticating through sudo are out as those are only available to administrators (select GitLab employees).

Regardless, you might want to look into using a personal access token. More documentation on that and other methods here.

0 Likes

#4

I’d recommend starting out with the Personal Access Token, as @tjwilliams already mentioned. It’s probably the easiest method to test and to implement, and from what you are saying, I think it should satisfy your needs (repository view).

0 Likes

#6

I think there is a misunderstanding here: the suggestion is to use personal access tokens, not impersonation tokens (even if there is a mention of them being a type of personal access tokens).

My suggestion would be to just try to use an personal access token to see if it works for your case.

0 Likes

#8

In order for someone to be able to help you, could you please post the exact curl command you executed (no need to show the personal access token, though) and its full output?

0 Likes

#11

curl https://gitlab.com/api/v4/projects?private_token=[Personal Access Token]

0 Likes

#12

If you are trying to list all projects from a GitLab instance, you can easily do it like this (for GitLab.com):

curl "https://gitlab.com/api/v4/projects"

Note that even if we’re not using authentication, it will still show some projects, as per the API documentation:

When accessed without authentication, only public projects with “simple” fields are returned.

If you want to use authentication, the recommended way is to pass the Personal Access Token (PAT) as a header:

curl  --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK"  "https://gitlab.com/api/v4/projects"

Let us know if that helps.

0 Likes

#13

Ok, I’ve tried to send PRIVATE-TOKEN in header but still I got some spam in response with bunch of unknown projects. It’s a very simple task :slight_smile: I just want to get my projects listed on page https://gitlab.com/dashboard/projects.

0 Likes

#15

@forevernils Try using the list user projects endpoint instead, that should return all projects owned by your user. To do so:

  1. Obtain your user ID:
curl https://gitlab.com/api/v4/users?username=<username-here>
  1. Run a curl command similar to the following in a terminal/console:
curl -X GET -H 'PRIVATE-TOKEN: <token>' 'https://gitlab.com/api/v4/users/<user-id>/projects'

Be sure to replace the token and user ID with your own values. If you need to parse the JSON output for readability you can use something like jq and pipe your curl command to it, like so:

curl -X GET -H 'PRIVATE-TOKEN: <token>' 'https://gitlab.com/api/v4/users/<user-id>/projects' | jq '.'
0 Likes