API to auth with login and password



So, I’d like to build app to view repository. To build app I will use Gitlab API.
First I need user to be authenticated by his login/password, can you provide me with the link explaining what endpoint should I use to auth user with login/password?
There are OAuth 2 Tokens, Private Tokens, Impersonation tokens, GitLab as an OAuth2 provider but which of them suits to my needs?


The answer depends on whether or not you’re using GitLab.com or a self-managed instance. If the former, then impersonation tokens and authenticating through sudo are out as those are only available to administrators (select GitLab employees).

Regardless, you might want to look into using a personal access token. More documentation on that and other methods here.


This post was flagged by the community and is temporarily hidden.


I’d recommend starting out with the Personal Access Token, as @tjwilliams already mentioned. It’s probably the easiest method to test and to implement, and from what you are saying, I think it should satisfy your needs (repository view).


This post was flagged by the community and is temporarily hidden.


I think there is a misunderstanding here: the suggestion is to use personal access tokens, not impersonation tokens (even if there is a mention of them being a type of personal access tokens).

My suggestion would be to just try to use an personal access token to see if it works for your case.


This post was flagged by the community and is temporarily hidden.


In order for someone to be able to help you, could you please post the exact curl command you executed (no need to show the personal access token, though) and its full output?


curl https://gitlab.com/api/v4/projects?private_token=[Personal Access Token]


If you are trying to list all projects from a GitLab instance, you can easily do it like this (for GitLab.com):

curl "https://gitlab.com/api/v4/projects"

Note that even if we’re not using authentication, it will still show some projects, as per the API documentation:

When accessed without authentication, only public projects with “simple” fields are returned.

If you want to use authentication, the recommended way is to pass the Personal Access Token (PAT) as a header:

curl  --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK"  "https://gitlab.com/api/v4/projects"

Let us know if that helps.