Possible to enable 2FA for Personal Access Tokens and/or API keys?


Question is the title. I’m fairly sure this capability doesn’t exist. I couldn’t find a setting for this, and couldn’t find anything in the docs about it existing with a higher account tier, but I figured I’d ask anyway. It was suggested to me that 2FA could be used to protect Personal Access Tokens or API keys but I can’t find anything to support that.

I have a GitLab personal account and have successfully setup 2FA. I get prompted for 2FA when I sign in to the web site. I’ve setup a Personal Access Token which I’ve tested with curl and the token does work over http, with no 2FA prompt. I’m able to clone a repo using my username, personal access token, and no 2FA.

Is there any way to enable 2FA for Personal Access Tokens or any other kind of GitLab API keys? Is it possible with an enterprise account? I figured the point of an authentication token or API key is to automate things and skip the extra layers of authentication, so a 2FA option in those cases didn’t sound right to me. But if it does exist, I might want to enable it for Personal Access Tokens.