GitLab OAuth Application Token
Description
General
- Documentation: https://docs.gitlab.com/ee/integration/oauth_provider.html
- Summary: GitLab can be used as an OAuth 2 authentication identity provider by adding the following types of OAuth 2 applications to an instance: user owned application, group owned application, or instance-wide application.
- IPs allowlist: This feature isn't specified.
- Scopes: Different permission levels are associated by default with each type of application and can be further specified (see full documentation).
Revoke the secret
A token can be revoked using revoke endpoint.
Check for suspicious activity
This feature isn't specified.
Details for GitLab OAuth Application Token
-
Family: token
-
Category: version_control_platform
-
Company: GitLab
-
High recall: True
-
Validity check available: False
-
Analyzer available: False
-
Minimum number of matches: 1
-
Occurrences found for one million commits: 1.821
-
Prefixed: True
-
PreValidators:
- type: ContentWhitelistPreValidator
patterns:
- gloas-
Examples
- text: |
+GITLAB_CLIENT_SECRET=gloas-74923caa0ca5708d7b3761335c6043cb5343ae1ee2a9da3dba9539183710cf20
apikey: gloas-74923caa0ca5708d7b3761335c6043cb5343ae1ee2a9da3dba9539183710cf20
- text: |
+GITLAB_APP_SECRET=gloas-9fbfc0e6d3c6425128a94df258b27a5e39f3bd4b33d108d8a017bf9a3c7774d2
apikey: gloas-9fbfc0e6d3c6425128a94df258b27a5e39f3bd4b33d108d8a017bf9a3c7774d2
- text: |
+spring.security.oauth2.client.registration.gitlab.client-secret=gloas-36c3c720c9025afca1dc3e6423ec9fd09a0de3d206bb80385764a29c111229a4
apikey: gloas-36c3c720c9025afca1dc3e6423ec9fd09a0de3d206bb80385764a29c111229a4
