Add latest changes from gitlab-org/gitlab@master

5 files changed, 37 insertions, 9 deletions

diff --git a/doc/api/index.md b/doc/api/index.md
index d9b7afc2dc8..4048a27b81f 100644
--- a/doc/api/index.md
+++ b/doc/api/index.md
@@ -166,6 +166,11 @@ curl --header "Authorization: Bearer OAUTH-TOKEN" "https://gitlab.example.com/ap
 
 Read more about [GitLab as an OAuth2 provider](oauth2.md).
 
+NOTE:
+We recommend that OAuth access tokens have an expiration. You can use a `refresh_token` to refresh tokens. Integrations may need to be updated to refresh tokens prior to expiration, which is based on the [expires_in](https://datatracker.ietf.org/doc/html/rfc6749#appendix-A.14) property in the token endpoint response.  
+
+A default refresh setting of two hours is tracked in [this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/336598).
+
 ### Personal/project access tokens
 
 You can use access tokens to authenticate with the API by passing it in either
diff --git a/doc/ssh/index.md b/doc/ssh/index.md
index fd95a483344..920117116e5 100644
--- a/doc/ssh/index.md
+++ b/doc/ssh/index.md
@@ -214,9 +214,12 @@ To use SSH with GitLab, copy your public key to your GitLab account.
 1. In the **Title** text box, type a description, like _Work Laptop_ or
    _Home Workstation_.
 1. Optional. In the **Expires at** box, select an expiration date. (Introduced in [GitLab 12.9](https://gitlab.com/gitlab-org/gitlab/-/issues/36243).)
-   The expiration date is informational only, and does not prevent you from using
-   the key. However, administrators can view expiration dates and
-   use them for guidance when [deleting keys](../user/admin_area/credentials_inventory.md#delete-a-users-ssh-key).
+   In:
+   - GitLab 13.12 and earlier, the expiration date is informational only. It doesn't prevent
+     you from using the key. Administrators can view expiration dates and use them for
+     guidance when [deleting keys](../user/admin_area/credentials_inventory.md#delete-a-users-ssh-key).
+   - GitLab 14.0 and later, the expiration date is enforced. Administrators can
+     [allow expired keys to be used](../user/admin_area/settings/account_and_limit_settings.md#allow-expired-ssh-keys-to-be-used).
    - GitLab checks all SSH keys at 02:00 AM UTC every day. It emails an expiration notice for all SSH keys that expire on the current date. ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/322637) in GitLab 13.11.)
    - GitLab checks all SSH keys at 01:00 AM UTC every day. It emails an expiration notice for all SSH keys that are scheduled to expire seven days from now. ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/322637) in GitLab 13.11.)
 1. Select **Add key**.
diff --git a/doc/user/admin_area/settings/help_page.md b/doc/user/admin_area/settings/help_page.md
index f941b5e69f2..1106425d64e 100644
--- a/doc/user/admin_area/settings/help_page.md
+++ b/doc/user/admin_area/settings/help_page.md
@@ -66,18 +66,24 @@ You can specify a custom URL to which users are directed when they:
 1. In the **Support page URL** field, enter the URL.
 1. Select **Save changes**.
 
-## Redirect GitLab documentation links
+## Redirect `/help` pages
 
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/43157) in GitLab 13.5.
-> - Enabled on GitLab.com and is ready for production use. Available to GitLab.com administrators only.
+> - Enabled on GitLab.com and is ready for production use.
 
 NOTE:
 On self-managed GitLab, by default this feature is not available. To make it available, ask an administrator to
 [enable the `:help_page_documentation_redirect` flag](../../../administration/feature_flags.md).
 On GitLab.com, this feature is available but can be configured by GitLab.com administrators only.
 
-Documentation links go to the `/help` section on the instance by default, but you can
-redirect these links to an external documentation site like `https://docs.gitlab.com`:
+The `/help` URL of a GitLab instance displays a basic version of the documentation sourced from the
+[`doc` directory](https://gitlab.com/gitlab-org/gitlab/-/tree/master/doc) of GitLab. `/help` links
+are often used for contextual help.
+
+You can redirect these `/help` links to either:
+
+- The more navigable and searchable version published at [`docs.gitlab.com`](https://docs.gitlab.com).
+- A destination that meets [necessary requirements](#destination-requirements).
 
 1. On the top bar, select **Menu >** **{admin}** **Admin**.
 1. In the left sidebar, select **Settings > Preferences**.
@@ -85,6 +91,18 @@ redirect these links to an external documentation site like `https://docs.gitlab
 1. In the **Documentation pages URL** field, enter the URL.
 1. Select **Save changes**.
 
+### Destination requirements
+
+When redirecting `/help`, GitLab:
+
+- Redirects requests to the specified URL.
+- Appends `ee`  and the documentation path to the URL.
+- Appends `.html` to the URL, and removes `.md` if necessary.
+
+For example, if the URL is set to `https://docs.gitlab.com`, requests for
+`/help/user/admin_area/settings/help_page.md` redirect to:
+`https://docs.gitlab.com/ee/user/admin_area/settings/help_page.html`.
+
 <!-- ## Troubleshooting
 
 Include any troubleshooting steps that you can foresee. If you know beforehand what issues
diff --git a/doc/user/application_security/api_fuzzing/index.md b/doc/user/application_security/api_fuzzing/index.md
index e35415003c7..7ed36572be4 100644
--- a/doc/user/application_security/api_fuzzing/index.md
+++ b/doc/user/application_security/api_fuzzing/index.md
@@ -38,7 +38,7 @@ or other scanners) during a scan could cause inaccurate results.
 
 You can run a Web API fuzzing scan using the following methods:
 
-- [OpenAPI Specification](#openapi-specification) - version 2.0 or 3.0
+- [OpenAPI Specification](#openapi-specification) - version 2, and 3.
 - [HTTP Archive](#http-archive-har) (HAR)
 - [Postman Collection](#postman-collection) - version 2.0 or 2.1
 
@@ -112,6 +112,8 @@ To generate an API Fuzzing configuration snippet:
 
 ### OpenAPI Specification
 
+> Support for OpenAPI Specification v3.1 was
+> [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/327268) in GitLab 14.2.
 > Support for OpenAPI Specification using YAML format was
 > [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/330583) in GitLab 14.0.
 > Support for OpenAPI Specification v3.0 was
diff --git a/doc/user/project/settings/project_access_tokens.md b/doc/user/project/settings/project_access_tokens.md
index 34f7a1aee92..9a6acdfc710 100644
--- a/doc/user/project/settings/project_access_tokens.md
+++ b/doc/user/project/settings/project_access_tokens.md
@@ -95,7 +95,7 @@ You may enable or disable project access token creation for all projects in a gr
 Even when creation is disabled, you can still use and revoke existing project access tokens.
 This setting is available only on top-level groups.
 
-## Group access token workaround  **(FREE SELF)**
+## Group access token workaround **(FREE SELF)**
 
 NOTE:
 This section describes a workaround and is subject to change.