docs(tokens): update token expire docs (!124964) · Merge requests · GitLab.org / GitLab

Max Wittig requested to merge siemens/gitlab:docs-tokens-update-token-expire-docs into master Jun 29, 2023

What does this MR do and why?

Starting with 16.1, tokens for projects and groups require the attribute expires_at to be set.

Since 16.1 the expires_at attribute is required, otherwise a 400 is thrown

"400: scopes is invalid, expires_at is missing"

This MR changes the documentation to reflect this changed behavior

🛠 with ❤ at Siemens

Screenshots or screen recordings

How to set up and validate locally

Get Gitlab 16.1
curl --request POST
--url 'https://gitlab.example.com/api/v4/projects/61/access_tokens'
--header 'Content-Type: application/json'
--header 'PRIVATE-TOKEN: your-token'
--data '{ "name":"test_token", "scopes":["api"]}'
See response:

{
  "error": "expires_at is missing"
}

This only affects the project and group access tokens. The personal access token API still doesn't need it:

curl --request POST \
  --url 'https://gitlab.example.com/api/v4/users/2/personal_access_tokens' \
  --header 'Content-Type: application/json' \
  --header 'PRIVATE-TOKEN: admin-token' \
  --data '{ "name":"test_token", "scopes":["api"]}'

{
  "id": 3234,
  "name": "test_token",
  "revoked": false,
...
}

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

docs(tokens): update token expire docs

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports