Skip to content

docs(tokens): update token expire docs

What does this MR do and why?

Starting with 16.1, tokens for projects and groups require the attribute expires_at to be set.

Since 16.1 the expires_at attribute is required, otherwise a 400 is thrown

"400: scopes is invalid, expires_at is missing"

This MR changes the documentation to reflect this changed behavior

🛠 with at Siemens

Screenshots or screen recordings

image

image

How to set up and validate locally

  1. Get Gitlab 16.1
  2. curl --request POST
    --url 'https://gitlab.example.com/api/v4/projects/61/access_tokens'
    --header 'Content-Type: application/json'
    --header 'PRIVATE-TOKEN: your-token'
    --data '{ "name":"test_token", "scopes":["api"]}'
  3. See response:
{
  "error": "expires_at is missing"
}

This only affects the project and group access tokens. The personal access token API still doesn't need it:

curl --request POST \
  --url 'https://gitlab.example.com/api/v4/users/2/personal_access_tokens' \
  --header 'Content-Type: application/json' \
  --header 'PRIVATE-TOKEN: admin-token' \
  --data '{ "name":"test_token", "scopes":["api"]}'
{
  "id": 3234,
  "name": "test_token",
  "revoked": false,
...
}

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Merge request reports

Loading