Gitlab access token scopes

Required scopes and used endpoints when connecting to Gitlab.

You can find documentation about creating access tokens here:

https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html#create-a-personal-access-token

Git for Confluence requests the following scopes:

read_api
read_repository

API endpoints

These are the endpoints that are being called with a token.

Retrieve contents of a file from a repository

This endpoint is being used to retrieve the content of a file so that we can display it on a Confluence page for you. The content of this file is not being saved on the servers of Git for Confluence. This means that every time a file is being viewed on a Confluence page, we will have to retrieve it using this endpoint.

Retrieve contents of a folder from a repository

This endpoint is being used to retrieve the contents of a folder so that we can display it on a Confluence page for you. The content of this folder is not being saved on the servers of Git for Confluence. This means that every time a folder is being viewed on a Confluence page, we will have to retrieve it using this endpoint.

GraphQL queries

To retrieve all the required information of the git content in a folder Git for Confluence uses the following GraphQL queries.

{
    project {
        repository {
            tree {
                blobs
                trees
            }
        }
    }
}

{
    project {
        repository {
            blobs
        }
    }
}

Downloading contents from a repository

This endpoint is being used to generate a zip archive from a folder so you can download it from a Confluence page. This archive is not being saved on the server of Git for Confluence. This means that every time a folder is downloaded we will have to retrieve it using this endpoint.

Retrieve repository information

Sometimes an error can occur when retrieving a file from Gitlab. Gitlab tells us that the file can not be found if it does not exist, or if you do not have access to the file. Yet we would like to let you know what the actual problem is.

We use this endpoint to check if the repository exists, if that is the case we assume that the file does not exist and show that to you in the UI.

If we can not find the repository, we assume that you do not have access to the file that you are trying to share.

Verify access token

When configuring an access token for Gitlab, we use this endpoint to verify if the correct scopes have been enabled for this token.

PreviousBitbucket access token scopes NextAzure DevOps access token scopes

Last updated 11 months ago