Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/doc/user
diff options
context:
space:
mode:
authorGitLab Bot <gitlab-bot@gitlab.com>2021-09-03 12:08:53 +0300
committerGitLab Bot <gitlab-bot@gitlab.com>2021-09-03 12:08:53 +0300
commit764ff99273496e7d1da0dc9cc2255445cf7dc540 (patch)
treeeb359257b9eb9b1ab2ad3b75dd3f04b717889410 /doc/user
parentfdc5404bc3391e9a767b2a32422c082b9490c663 (diff)
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/user')
-rw-r--r--doc/user/profile/personal_access_tokens.md10
-rw-r--r--doc/user/project/settings/project_access_tokens.md29
2 files changed, 25 insertions, 14 deletions
diff --git a/doc/user/profile/personal_access_tokens.md b/doc/user/profile/personal_access_tokens.md
index c534a630480..8acb8d34214 100644
--- a/doc/user/profile/personal_access_tokens.md
+++ b/doc/user/profile/personal_access_tokens.md
@@ -12,11 +12,17 @@ info: To determine the technical writer assigned to the Stage/Group associated w
> - Introduced in GitLab 13.3: [Additional notifications for expiring tokens](https://gitlab.com/gitlab-org/gitlab/-/issues/214721).
> - Introduced in GitLab 14.1: [Prefill token name and scopes](https://gitlab.com/gitlab-org/gitlab/-/issues/334664).
-If you're unable to use [OAuth2](../../api/oauth2.md), you can use a personal access token to authenticate with the [GitLab API](../../api/index.md#personalproject-access-tokens). You can also use a personal access token with Git to authenticate over HTTP.
+Personal access tokens can be an alternative to [OAuth2](../../api/oauth2.md) and used to:
+
+- Authenticate with the [GitLab API](../../api/index.md#personalproject-access-tokens).
+- Authenticate with Git using HTTP Basic Authentication.
In both cases, you authenticate with a personal access token in place of your password.
-Personal access tokens are required when [Two-Factor Authentication (2FA)](account/two_factor_authentication.md) is enabled.
+Personal access tokens are:
+
+- Required when [two-factor authentication (2FA)](account/two_factor_authentication.md) is enabled.
+- Similar to [project access tokens](../project/settings/project_access_tokens.md), but are attached to a user rather than a project.
For examples of how you can use a personal access token to authenticate with the API, see the [API documentation](../../api/index.md#personalproject-access-tokens).
diff --git a/doc/user/project/settings/project_access_tokens.md b/doc/user/project/settings/project_access_tokens.md
index b5a9537d827..8b2b22bd521 100644
--- a/doc/user/project/settings/project_access_tokens.md
+++ b/doc/user/project/settings/project_access_tokens.md
@@ -7,25 +7,30 @@ type: reference, howto
# Project access tokens
-NOTE:
-Project access tokens are supported for self-managed instances on Free and above. They are also supported on GitLab SaaS Premium and above (excluding [trial licenses](https://about.gitlab.com/free-trial/)). Self-managed Free instances should review their security and compliance policies with regards to [user self-enrollment](../../admin_area/settings/sign_up_restrictions.md#disable-new-sign-ups) and consider [disabling project access tokens](#enable-or-disable-project-access-token-creation) to lower potential abuse.
-
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/210181) in GitLab 13.0.
> - [Became available on GitLab.com](https://gitlab.com/gitlab-org/gitlab/-/issues/235765) in GitLab 13.5 for paid groups only.
> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/235765) in GitLab 13.5.
-WARNING:
-This feature might not be available to you. Check the **version history** note above for details.
+Project access tokens are similar to [personal access tokens](../../profile/personal_access_tokens.md)
+except they are attached to a project rather than a user. They can be used to:
+
+- Authenticate with the [GitLab API](../../../api/index.md#personalproject-access-tokens).
+- Authenticate with Git using HTTP Basic Authentication. If you are asked for a username when
+ authenticating, you can use any non-empty value because only the token is needed.
-Project access tokens are scoped to a project and can be used to authenticate with the
-[GitLab API](../../../api/index.md#personalproject-access-tokens). You can also use
-project access tokens with Git to authenticate over HTTPS. If you are asked for a
-username when authenticating over HTTPS, you can use any non-empty value because only
-the token is needed.
+Project access tokens:
-Project access tokens expire on the date you define, at midnight UTC.
+- Expire on the date you define, at midnight UTC.
+- Are supported for self-managed instances on Free tier and above. Free self-managed instances
+ should:
+ - Review their security and compliance policies with regards to
+ [user self-enrollment](../../admin_area/settings/sign_up_restrictions.md#disable-new-sign-ups).
+ - Consider [disabling project access tokens](#enable-or-disable-project-access-token-creation) to
+ lower potential abuse.
+- Are also supported on GitLab SaaS Premium and above (excluding [trial licenses](https://about.gitlab.com/free-trial/).)
-For examples of how you can use a project access token to authenticate with the API, see the following section from our [API Docs](../../../api/index.md#personalproject-access-tokens).
+For examples of how you can use a project access token to authenticate with the API, see the
+[relevant section from our API Docs](../../../api/index.md#personalproject-access-tokens).
## Creating a project access token
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-09 21:27:55 +0300