API Feature: Get user projects/groups, based on minimal access level
Problem to solve
External API services should be able to verify/authorize users, based on what permissions a user has a certain level of access to.
Currently it's only possible to use owned=true
with projects/groups, which is only valid for projects/groups that the users owns.
With a this proposed min_access_level
parameter, external API services could check if access to a certain project/group is granted in the GitLab instance and to what extend permissions are granted.
Example API usage
https://gitlab.com/api/v4/groups?min_access_level=30
The access levels, that can be requested originate from the group and project access requests API documentation:
10 => Guest access
20 => Reporter access
30 => Developer access
40 => Maintainer access
50 => Owner access # Only valid for groups
For this example, the API would only return groups, which belong to the current authenticated user and where this user has the minimum access level of developer.
Use cases
- Authentication with external applications and GitLab Projects/Groups
e.g. verdaccio-gitlab as separate npm registry with GitLab as authorization provider. - All applications, which want to authorize that certain users have enough access to a project/group in GitLab.