--- stage: Verify group: Pipeline Security info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments --- # Group-level Variables API **(FREE ALL)** ## List group variables Get list of a group's variables. ```plaintext GET /groups/:id/variables ``` | Attribute | Type | Required | Description | |-----------|----------------|----------|-------------| | `id` | integer/string | Yes | The ID of a group or [URL-encoded path of the group](rest/index.md#namespaced-path-encoding) | ```shell curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/groups/1/variables" ``` ```json [ { "key": "TEST_VARIABLE_1", "variable_type": "env_var", "value": "TEST_1", "protected": false, "masked": false, "raw": false, "environment_scope": "*", "description": null }, { "key": "TEST_VARIABLE_2", "variable_type": "env_var", "value": "TEST_2", "protected": false, "masked": false, "raw": false, "environment_scope": "*", "description": null } ] ``` ## Show variable details > The `filter` parameter was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/340185) in GitLab 16.9. Get the details of a group's specific variable. If there are multiple variables with the same key, use `filter` to select the correct `environment_scope`. ```plaintext GET /groups/:id/variables/:key ``` | Attribute | Type | Required | Description | |-----------|----------------|----------|-------------| | `id` | integer/string | Yes | The ID of a group or [URL-encoded path of the group](rest/index.md#namespaced-path-encoding) | | `key` | string | Yes | The `key` of a variable | | `filter` | hash | No | Available filters: `[environment_scope]`. See the [`filter` parameter details](#the-filter-parameter). | ```shell curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/groups/1/variables/TEST_VARIABLE_1" ``` ```json { "key": "TEST_VARIABLE_1", "variable_type": "env_var", "value": "TEST_1", "protected": false, "masked": false, "raw": false, "environment_scope": "*", "description": null } ``` ## Create variable Create a new variable. ```plaintext POST /groups/:id/variables ``` | Attribute | Type | Required | Description | |---------------------------------------|----------------|----------|-------------| | `id` | integer/string | Yes | The ID of a group or [URL-encoded path of the group](rest/index.md#namespaced-path-encoding) | | `key` | string | Yes | The `key` of a variable; must have no more than 255 characters; only `A-Z`, `a-z`, `0-9`, and `_` are allowed | | `value` | string | Yes | The `value` of a variable | | `description` | string | No | The `description` of the variable. Default: `null` | | `environment_scope` **(PREMIUM ALL)** | string | No | The [environment scope](../ci/environments/index.md#limit-the-environment-scope-of-a-cicd-variable) of a variable | | `masked` | boolean | No | Whether the variable is masked | | `protected` | boolean | No | Whether the variable is protected | | `raw` | boolean | No | Whether the variable is treated as a raw string. Default: `false`. When `true`, variables in the value are not [expanded](../ci/variables/index.md#prevent-cicd-variable-expansion). | | `variable_type` | string | No | The type of a variable. Available types are: `env_var` (default) and `file` | ```shell curl --request POST --header "PRIVATE-TOKEN: " \ "https://gitlab.example.com/api/v4/groups/1/variables" --form "key=NEW_VARIABLE" --form "value=new value" ``` ```json { "key": "NEW_VARIABLE", "value": "new value", "variable_type": "env_var", "protected": false, "masked": false, "raw": false, "environment_scope": "*", "description": null } ``` ## Update variable > The `filter` parameter was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/340185) in GitLab 16.9. Update a group's variable. If there are multiple variables with the same key, use `filter` to select the correct `environment_scope`. ```plaintext PUT /groups/:id/variables/:key ``` | Attribute | Type | Required | Description | |---------------------------------------|----------------|----------|-------------| | `id` | integer/string | Yes | The ID of a group or [URL-encoded path of the group](rest/index.md#namespaced-path-encoding) | | `key` | string | Yes | The `key` of a variable | | `value` | string | Yes | The `value` of a variable | | `description` | string | No | The description of the variable. Default: `null`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/409641) in GitLab 16.2. | | `environment_scope` **(PREMIUM ALL)** | string | No | The [environment scope](../ci/environments/index.md#limit-the-environment-scope-of-a-cicd-variable) of a variable | | `filter` | hash | No | Available filters: `[environment_scope]`. See the [`filter` parameter details](#the-filter-parameter). | | `masked` | boolean | No | Whether the variable is masked | | `protected` | boolean | No | Whether the variable is protected | | `raw` | boolean | No | Whether the variable is treated as a raw string. Default: `false`. When `true`, variables in the value are not [expanded](../ci/variables/index.md#prevent-cicd-variable-expansion). | | `variable_type` | string | No | The type of a variable. Available types are: `env_var` (default) and `file` | ```shell curl --request PUT --header "PRIVATE-TOKEN: " \ "https://gitlab.example.com/api/v4/groups/1/variables/NEW_VARIABLE" --form "value=updated value" ``` ```json { "key": "NEW_VARIABLE", "value": "updated value", "variable_type": "env_var", "protected": true, "masked": true, "raw": true, "environment_scope": "*", "description": null } ``` ## Remove variable > The `filter` parameter was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/340185) in GitLab 16.9. Remove a group's variable. If there are multiple variables with the same key, use `filter` to select the correct `environment_scope`. ```plaintext DELETE /groups/:id/variables/:key ``` | Attribute | Type | Required | Description | |-----------|----------------|----------|-------------| | `id` | integer/string | Yes | The ID of a group or [URL-encoded path of the group](rest/index.md#namespaced-path-encoding) | | `key` | string | Yes | The `key` of a variable | | `filter` | hash | No | Available filters: `[environment_scope]`. See the [`filter` parameter details](#the-filter-parameter). | ```shell curl --request DELETE --header "PRIVATE-TOKEN: " \ "https://gitlab.example.com/api/v4/groups/1/variables/VARIABLE_1" ``` ## The `filter` parameter **(PREMIUM ALL)** > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/340185) in GitLab 16.9. When multiple variables have the same `key`, [GET](#show-variable-details), [PUT](#update-variable), or [DELETE](#remove-variable) requests might return: ```plaintext There are multiple variables with provided parameters. Please use 'filter[environment_scope]'. ``` Use `filter[environment_scope]` to select the variable with the matching `environment_scope` attribute. For example: - GET: ```shell curl --globoff --header "PRIVATE-TOKEN: " \ "https://gitlab.example.com/api/v4/groups/1/variables/SCOPED_VARIABLE_1?filter[environment_scope]=production" ``` - PUT: ```shell curl --request PUT --globoff --header "PRIVATE-TOKEN: " \ "https://gitlab.example.com/api/v4/groups/1/variables/SCOPED_VARIABLE_1?value=scoped-variable-updated-value&environment_scope=production&filter[environment_scope]=production" ``` - DELETE: ```shell curl --request DELETE --globoff --header "PRIVATE-TOKEN: " \ "https://gitlab.example.com/api/v4/groups/1/variables/SCOPED_VARIABLE_1?filter[environment_scope]=production" ```