Rotating group access token with group token throws 401

alko89 · May 27, 2024, 11:11am

I’m trying to write a key rotation script. I’ve want to rotate all keys, including self. However trying to rotate group access key returns { message: '401 Unauthorized' }.

The same logic works with a project token, but I need to have it on the group level so I can update it for other projects as well:

  let gitlab = new Gitlab(gitlabToken);
  const tokens = await gitlab.getGroupAccessTokens(19); // The group with the rotator token
  const key = tokens.find((token: any) => {
    return token.name === 'Rotator' && token.revoked === false;
  }).id;

  const token = await gitlab.rotateGroupAccessToken(19, key); // This returns 401
  gitlab = new Gitlab(token.token);
  const t = await gitlab.updateProjectVariable(682, 'GITLAB_TOKEN', token.token);

alko89 · May 27, 2024, 4:07pm

Also how to properly query the correct access token? Seems like search api is not helpful and ordering doesn’t work when query access tokens

await this.axios.get(`/groups/${groupId}/access_tokens`, {
      params: {
        pagination: 'keyset',
        per_page: 10, // per page works
        order_by: 'id',
        sort: 'desc', // no difference with asc/desc
      },
    })

Topic		Replies	Views
I cannot find "Group Access Token" permission under General > Advanced Permissions How to Use GitLab	9	3631	February 24, 2023
Token renewal via API How to Use GitLab api	0	1406	August 2, 2023
Gitlab API - Group access tokens endpoint not showing all tokens DevSecOps api	0	156	May 17, 2024
Can't find group permission How to Use GitLab docs-feedback	4	70	August 19, 2024
Best practice for tokens DevSecOps	0	47	October 31, 2024

Rotating group access token with group token throws 401

Related topics