GitLab OAuth Application Token

Description

General

• Documentation: https://docs.gitlab.com/ee/integration/oauth_provider.html
• Summary: GitLab can be used as an OAuth 2 authentication identity provider by adding the following types of OAuth 2 applications to an instance: user owned application, group owned application, or instance-wide application.
• IPs allowlist: This feature isn't specified.
• Scopes: Different permission levels are associated by default with each type of application and can be further specified (see full documentation).

Revoke the secret

A token can be revoked using revoke endpoint.

Check for suspicious activity

This feature isn't specified.

Details for Gitlab oauth application token

• Family: Api

• Category: Version control platform

• Company: GitLab

• High recall: True

• Validity check available: False

• Minimum number of matches: 1

• Occurrences found for one million commits: 1.821

• Prefixed: True

• PreValidators:

- type: ContentWhitelistPreValidator
  patterns:
    - gloas-

Examples

- text: |
    +GITLAB_CLIENT_SECRET=gloas-74923caa0ca5708d7b3761335c6043cb5343ae1ee2a9da3dba9539183710cf20
  apikey: gloas-74923caa0ca5708d7b3761335c6043cb5343ae1ee2a9da3dba9539183710cf20
- text: |
    +GITLAB_APP_SECRET=gloas-9fbfc0e6d3c6425128a94df258b27a5e39f3bd4b33d108d8a017bf9a3c7774d2
  apikey: gloas-9fbfc0e6d3c6425128a94df258b27a5e39f3bd4b33d108d8a017bf9a3c7774d2
- text: |
    +spring.security.oauth2.client.registration.gitlab.client-secret=gloas-36c3c720c9025afca1dc3e6423ec9fd09a0de3d206bb80385764a29c111229a4
  apikey: gloas-36c3c720c9025afca1dc3e6423ec9fd09a0de3d206bb80385764a29c111229a4