Create user via Ansible returns 401

I’m using this Ansible module to create a gitlab user. It keeps returning 401. How can I debug this?

    - name: create service user for Jenkins
      become: false
      gitlab_user:
        api_url: https://192.168.122.99
        validate_certs: false
        api_username: root
        api_password: "{{ gitlab.root_password }}"
        name: Jenkins service
        username: jenkins01
        password: "{{ gitlab.jenkins_user_password }}"
        email: jenkins01.example.com
        state: present
        access_level: developer
        confirm: false
      delegate_to: localhost
      register: jenkins_result

I see this in /var/log/gitlab/gitlab-workhorse:

{
  "content_type": "application/json",
  "correlation_id": "01F9ESMWXTCKK4DVM2CBFV3143",
  "duration_ms": 9,
  "host": "192.168.122.99",
  "level": "info",
  "method": "GET",
  "msg": "access",
  "proto": "HTTP/1.1",
  "referrer": "",
  "remote_addr": "127.0.0.1:0",
  "remote_ip": "127.0.0.1",
  "route": "^/api/",
  "status": 401,
  "system": "http",
  "time": "2021-06-30T11:47:21-04:00",
  "ttfb_ms": 9,
  "uri": "/api/v4/user",
  "user_agent": "python-gitlab/2.5.0",
  "written_bytes": 30
}

Best bet is ask the authors from the ansible link you provided. Their names are at the bottom of the page. This is written by them and not Gitlab.

I can reproduce the problem without the module. I suspect the GitLab api does not permit access using username and password for authentication. Only a token. But I can’t find proof or a way to preseed a token for the root user.

As far as I remember when I used the api you need to create an access token under the user settings with api selected.

This is frustrating. I’m trying to build an automated install of GL, but having some feature tuning require a human in the web UI is a roadblock.