diff options
| author | Tiago Botelho <tiagonbotelho@hotmail.com> | 2017-02-09 15:21:09 +0000 |
|---|---|---|
| committer | Tiago Botelho <tiagonbotelho@hotmail.com> | 2017-02-28 22:15:40 +0000 |
| commit | f0ea7130f7bf0e7a3702d863b4d246f524b6c14a (patch) | |
| tree | ec626d2d42c7942fa1cbc1505275ed7d4de52fa5 /doc/api | |
| parent | c2b1cdef7e8cdaec35bd0844301ce8f06ed742b7 (diff) | |
| download | gitlab-ce-f0ea7130f7bf0e7a3702d863b4d246f524b6c14a.tar.gz | |
refactors documentation and personal access tokens form to not allow admins to generate non impersionation tokens
Diffstat (limited to 'doc/api')
| -rw-r--r-- | doc/api/README.md | 2 | ||||
| -rw-r--r-- | doc/api/personal_access_tokens.md | 16 | ||||
| -rw-r--r-- | doc/api/users.md | 23 |
3 files changed, 34 insertions, 7 deletions
diff --git a/doc/api/README.md b/doc/api/README.md index e40e2d81faf..759ec253a1f 100644 --- a/doc/api/README.md +++ b/doc/api/README.md @@ -8,7 +8,7 @@ under [`/lib/api`](https://gitlab.com/gitlab-org/gitlab-ce/tree/master/lib/api). Documentation for various API resources can be found separately in the following locations: -- [Access Tokens](personal_access_tokens.md) +- [Personal Access Tokens](personal_access_tokens.md) - [Award Emoji](award_emoji.md) - [Branches](branches.md) - [Broadcast Messages](broadcast_messages.md) diff --git a/doc/api/personal_access_tokens.md b/doc/api/personal_access_tokens.md index da666ccbc10..0fd04a0033d 100644 --- a/doc/api/personal_access_tokens.md +++ b/doc/api/personal_access_tokens.md @@ -14,13 +14,13 @@ An example: "name": "mytoken", "revoked": false, "expires_at": "2017-01-04", - "scopes": ['api'], + "scopes": ["api"], "active": true } ] ``` -In addition, you can filter users based on state: `all`, `active` and `inactive` +In addition, you can filter tokens based on state: `all`, `active` and `inactive` ``` GET /personal_access_tokens?state=all @@ -34,6 +34,18 @@ GET /personal_access_tokens?state=active GET /personal_access_tokens?state=inactive ``` +## Show + +``` +GET /personal_access_tokens/:personal_access_token_id +``` + +Parameters: + +| Attribute | Type | Required | Description | +| --------- | ---- | -------- | ----------- | +| `personal_access_token_id` | integer | yes | The ID of the personal access token | + ## Create ``` diff --git a/doc/api/users.md b/doc/api/users.md index f33090b132b..2b4099227bc 100644 --- a/doc/api/users.md +++ b/doc/api/users.md @@ -858,7 +858,7 @@ An example: ] ``` -In addition, you can filter users based on state: `all`, `active` and `inactive` +In addition, you can filter tokens based on state: `all`, `active` and `inactive` ``` GET /users/:user_id/personal_access_tokens?state=all @@ -878,12 +878,27 @@ Finally, you can filter based on impersonation: `true` or `false`. GET /users/:user_id/personal_access_tokens?impersonation=true ``` +## Show a user personal access token + +It shows a user's personal access token. Note that only administrators can do this. + +``` +GET /users/:user_id/personal_access_tokens/:personal_access_token_id +``` + +Parameters: + +| Attribute | Type | Required | Description | +| --------- | ---- | -------- | ----------- | +| `user_id` | integer | yes | The ID of the user | +| `personal_access_token_id` | integer | yes | The ID of the personal access token | + ## Create a personal access token It creates a new personal access token. Note that only administrators can do this. -If you set the impersonation flag to true, you can impersonate the user and -performing both API calls and Git reads and writes. The user will not see these -tokens in his profile settings. +You are only able to create impersonation tokens to impersonate the user and perform +both API calls and Git reads and writes. The user will not see these tokens in his profile +settings page. ``` POST /users/:user_id/personal_access_tokens |