Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/doc/api/oauth2.md
diff options
context:
space:
mode:
Diffstat (limited to 'doc/api/oauth2.md')
-rw-r--r--doc/api/oauth2.md26
1 files changed, 18 insertions, 8 deletions
diff --git a/doc/api/oauth2.md b/doc/api/oauth2.md
index abf9d7af229..8a8a54a753a 100644
--- a/doc/api/oauth2.md
+++ b/doc/api/oauth2.md
@@ -5,15 +5,15 @@ group: Access
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
---
-# GitLab as an OAuth 2.0 provider **(FREE)**
+# OAuth 2.0 identity provider API **(FREE)**
-This document covers using the [OAuth2](https://oauth.net/2/) protocol to allow
-other services to access GitLab resources on user's behalf.
+GitLab provides an API to allow third-party services to access GitLab resources on a user's behalf
+with the [OAuth2](https://oauth.net/2/) protocol.
-If you want GitLab to be an OAuth authentication service provider to sign into
-other services, see the [OAuth2 authentication service provider](../integration/oauth_provider.md)
-documentation. This functionality is based on the
-[doorkeeper Ruby gem](https://github.com/doorkeeper-gem/doorkeeper).
+To configure GitLab for this, see
+[Configure GitLab as an OAuth 2.0 authentication identity provider](../integration/oauth_provider.md).
+
+This functionality is based on the [doorkeeper Ruby gem](https://github.com/doorkeeper-gem/doorkeeper).
## Supported OAuth 2.0 flows
@@ -25,7 +25,7 @@ GitLab supports the following authorization flows:
- **Authorization code:** Secure and common flow. Recommended option for secure
server-side apps.
- **Implicit grant:** Originally designed for user-agent only apps, such as
- single page web apps running on GitLab Pages).
+ single page web apps running on GitLab Pages.
The [Internet Engineering Task Force (IETF)](https://tools.ietf.org/html/draft-ietf-oauth-security-topics-09#section-2.1.2)
recommends against Implicit grant flow.
- **Resource owner password credentials:** To be used **only** for securely
@@ -412,6 +412,16 @@ prevent breaking changes introduced in [doorkeeper 5.0.2](https://github.com/doo
Don't rely on these fields as they are slated for removal in a later release.
+## Revoke a token
+
+To revoke a token, use the `revoke` endpoint. The API returns a 200 response code and an empty
+JSON hash to indicate success.
+
+```ruby
+parameters = 'client_id=APP_ID&client_secret=APP_SECRET&token=TOKEN'
+RestClient.post 'https://gitlab.example.com/oauth/revoke', parameters
+```
+
## OAuth 2.0 tokens and GitLab registries
Standard OAuth 2.0 tokens support different degrees of access to GitLab
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-02 19:36:28 +0300