Admin Token API: Identify GitLab sessions
-
Please check this box if this contribution uses AI-generated content (including content generated by GitLab Duo features) as outlined in the GitLab DCO & CLA. As a benefit of being a GitLab Community Contributor, you receive complimentary access to GitLab Duo.
What does this MR do and why?
Adds support to the Admin Token API to identify the user of a _gitlab_session
.
Issue: #512654 (closed)
References
- Issue: #512654 (closed)
- Epic: &15777
- Docs: https://docs.gitlab.com/ee/api/admin/token.html
MR acceptance checklist
MR Checklist ( @nwittstruck)
-
Changelog entry added, if necessary -
Documentation created/updated via this MR -
Documentation reviewed by technical writer or follow-up review issue created -
Tests added for this feature/bug -
Tested in all supported browsers -
Conforms to the code review guidelines -
Conforms to the merge request performance guidelines -
Conforms to the style guides -
Conforms to the javascript style guides -
Conforms to the database guides
How to set up and validate locally
-
You'll need to create a
personal access token
to access the token and get a_gitlab_session
that you'd like to query:-
Create a
personal access token
withadmin_mode
andapi
capabilities.Preferences > Access Tokens > Add a new token
- You'll need a
_gitlab_session
. The easiest way to get this is to get a session from your browser. Navigate to your gdk, e.g. https://gdk.test:3443 and sign in. After signing in, there should be a session key and a value in your cookie store. In Firefox, open the developer console and go toStorage > Cookies
. It's mostly the same in Chrome/Safari. This should get you a key:_gitlab_session_abc123
and a value:long-string-with-numbers
. You need to join both:_gitlab_session_abc123=long-string-with-numbers
. For comparison, ongitlab.com
, the key would be just_gitlab_session=
. However, in development mode, a unique key is added to the prefix (in the example,abc123
).
-
Create a
-
Now you can retrieve information about this token:
curl -k --request POST \
--url 'https://gdk.test:3443/api/v4/admin/token' \
--header 'Authorization: Bearer <Admin Token from Step 2.1>' \
--header 'Content-Type: application/json' \
--data '{"token": "_gitlab_session_abc123=long-string-with-numbers"}'
Related to #512654 (closed)
Merge request reports
Activity
added groupauthentication typefeature labels
added Leading Organization label
added pipelinetier-1 label
- Resolved by Kamil Trzciński
Thanks for your contribution to GitLab @nwittstruck!
- If you need help, page a coach by clicking here or come say hi on Discord.
- When you're ready, request a review by clicking here.
- We welcome AI-generated contributions and offer complimentary access to GitLab Duo!
- To add labels to your merge request, comment
@gitlab-bot label ~"label1" ~"label2"
.
This message was generated automatically. Improve it or delete it.
added Community contribution workflowin dev labels
assigned to @nwittstruck
added linked-issue label
- Resolved by Erick Bajao
1 Warning 34c6e247: The commit body should not contain more than 72 characters per line. For more information, take a look at our Commit message guidelines. 1 Message This merge request adds or changes documentation files and requires Technical Writing review. The review should happen before merge, but can be post-merge if the merge request is time sensitive. Documentation review
The following files require a review from a technical writer:
-
doc/api/admin/token.md
(Link to current live version)
The review does not need to block merging this merge request. See the:
-
Metadata for the
*.md
files that you've changed. The first few lines of each*.md
file identify the stage and group most closely associated with your docs change. - The Technical Writer assigned for that stage and group.
- Documentation workflows for information on when to assign a merge request for review.
Reviewer roulette
Category Reviewer Maintainer backend @Quintasan
(UTC+1)
@ayufan
(UTC+1)
Please refer to documentation page for guidance on how you can benefit from the Reviewer Roulette, or use the GitLab Review Workload Dashboard to find other available reviewers.
If needed, you can retry the
danger-review
job that generated this comment.Generated by
DangerEdited by Danger Bot -
mentioned in issue #443597 (closed)
added backend documentation labels
added workflowready for review label and removed workflowin dev label
requested review from @jmallissery
Hi
@idurham
! Please review this documentation merge request. This message was generated automatically. Improve it or delete it.added twtriaged label
requested review from @idurham
@idurham @jmallissery, this Community contribution is ready for review.
- Do you have capacity and domain expertise to review this? If not, find one or more reviewers and assign to them.
- If you've reviewed it, add the workflowin dev label if these changes need more work before the next review.
- Please ensure the group's Product Manager has validated the linked issue.
This message was generated automatically. Improve it or delete it.
- Resolved by Isaac Durham
- Resolved by Isaac Durham
- Resolved by Isaac Durham
@nwittstruck, left a couple very small suggestions. What do you think?
requested review from @dbiryukov
requested review from @iamricecake
added 269 commits
-
974c0f31...6b9e3d03 - 267 commits from branch
gitlab-org:master
- b47321f7 - Admin Token API: Identify GitLab sessions
- 50e04bd6 - Admin Token API: Identify GitLab sessions
-
974c0f31...6b9e3d03 - 267 commits from branch
mentioned in epic gitlab-org#15777
added pipeline:mr-approved label
added pipelinetier-2 label and removed pipelinetier-1 label
Before you set this MR to auto-merge
This merge request will progress on pipeline tiers until it reaches the last tier: pipelinetier-3.
Before you set this MR to auto-merge, please check the following:
- You are the last maintainer of this merge request
- The latest pipeline for this merge request is pipelinetier-3 (You can find which tier it is in the pipeline name)
- This pipeline is recent enough (created in the last 8 hours)
If all the criteria above apply, please set auto-merge for this merge request.
See pipeline tiers and merging a merge request for more details.
Hi
@idurham
,GitLab Bot has added the Technical Writing label because a Technical Writer has approved or merged this MR.
This message was generated automatically. Improve it or delete it.
added Technical Writing label
- Resolved by Dmytro Biryukov
@nwittstruck Thank you
for your contribution!I left my feedback mostly related to tests.
mentioned in issue gitlab-org/quality/triage-reports#21889 (closed)
added 487 commits
-
50e04bd6...b129f7d7 - 484 commits from branch
gitlab-org:master
- 49f4377d - Admin Token API: Identify GitLab sessions
- 068ff215 - Admin Token API: Identify GitLab sessions
- 18418af8 - Admin Token API: Identify GitLab sessions
Toggle commit list-
50e04bd6...b129f7d7 - 484 commits from branch
reset approvals from @idurham by pushing to the branch
changed milestone to %17.9
added pipelinetier-3 pipeline:run-e2e-omnibus-once labels and removed pipelinetier-2 label
@ayufan Could you please perform a review?
requested review from @ayufan
removed review request for @ayufan
mentioned in issue gitlab-org/quality/triage-reports#21997 (closed)
- Resolved by Erick Bajao
@nwittstruck I was about to set MWPS on the MR but couldn't because there are conflicts now. Can you please check?
2 Warnings 34c6e247: The commit body should not contain more than 72 characters per line. For more information, take a look at our Commit message guidelines. The master pipeline status page reported failures in If these jobs fail in your merge request with the same errors, then they are not caused by your changes.
Please check for any on-going incidents in the incident issue tracker or in the#master-broken
Slack channel.1 Message This merge request adds or changes documentation files and requires Technical Writing review. The review should happen before merge, but can be post-merge if the merge request is time sensitive. Documentation review
The following files require a review from a technical writer:
-
doc/api/admin/token.md
(Link to current live version)
The review does not need to block merging this merge request. See the:
-
Metadata for the
*.md
files that you've changed. The first few lines of each*.md
file identify the stage and group most closely associated with your docs change. - The Technical Writer assigned for that stage and group.
- Documentation workflows for information on when to assign a merge request for review.
Reviewer roulette
Category Reviewer Maintainer backend @Quintasan
(UTC+1)
@ayufan
(UTC+1)
Please refer to documentation page for guidance on how you can benefit from the Reviewer Roulette, or use the GitLab Review Workload Dashboard to find other available reviewers.
If needed, you can retry the
danger-review
job that generated this comment.Generated by
DangerEdited by ****-
- Resolved by Erick Bajao
E2E Test Result Summary
allure-report-publisher
generated test report!e2e-test-on-cng:
test report for 77460fbbexpand test summary
+------------------------------------------------------------------+ | suites summary | +-------------+--------+--------+---------+-------+-------+--------+ | | passed | failed | skipped | flaky | total | result | +-------------+--------+--------+---------+-------+-------+--------+ | Create | 143 | 0 | 19 | 0 | 162 | ✅ | | Verify | 53 | 0 | 19 | 0 | 72 | ✅ | | Govern | 84 | 0 | 10 | 0 | 94 | ✅ | | Plan | 86 | 0 | 8 | 0 | 94 | ✅ | | Analytics | 2 | 0 | 0 | 0 | 2 | ✅ | | Monitor | 8 | 0 | 12 | 0 | 20 | ✅ | | Release | 5 | 0 | 1 | 0 | 6 | ✅ | | Data Stores | 33 | 0 | 10 | 0 | 43 | ✅ | | Package | 29 | 0 | 15 | 0 | 44 | ✅ | | Manage | 1 | 0 | 9 | 0 | 10 | ✅ | | Fulfillment | 2 | 0 | 7 | 0 | 9 | ✅ | | Growth | 0 | 0 | 2 | 0 | 2 | ➖ | | Secure | 2 | 0 | 5 | 0 | 7 | ✅ | | Configure | 0 | 0 | 3 | 0 | 3 | ➖ | | ModelOps | 0 | 0 | 1 | 0 | 1 | ➖ | | Ai-powered | 0 | 0 | 2 | 0 | 2 | ➖ | +-------------+--------+--------+---------+-------+-------+--------+ | Total | 448 | 0 | 123 | 0 | 571 | ✅ | +-------------+--------+--------+---------+-------+-------+--------+
e2e-test-on-gdk:
test report for 77460fbbexpand test summary
+------------------------------------------------------------------+ | suites summary | +-------------+--------+--------+---------+-------+-------+--------+ | | passed | failed | skipped | flaky | total | result | +-------------+--------+--------+---------+-------+-------+--------+ | Verify | 52 | 0 | 20 | 1 | 72 | ✅ | | Govern | 79 | 0 | 13 | 0 | 92 | ✅ | | Manage | 1 | 0 | 9 | 0 | 10 | ✅ | | Create | 138 | 0 | 20 | 0 | 158 | ✅ | | Plan | 82 | 0 | 8 | 0 | 90 | ✅ | | Configure | 0 | 0 | 3 | 0 | 3 | ➖ | | Package | 24 | 0 | 14 | 0 | 38 | ✅ | | Fulfillment | 2 | 0 | 7 | 0 | 9 | ✅ | | Secure | 4 | 0 | 3 | 0 | 7 | ✅ | | Monitor | 8 | 0 | 12 | 0 | 20 | ✅ | | Data Stores | 33 | 0 | 10 | 0 | 43 | ✅ | | Analytics | 2 | 0 | 0 | 0 | 2 | ✅ | | Release | 5 | 0 | 1 | 0 | 6 | ✅ | | Ai-powered | 0 | 0 | 2 | 0 | 2 | ➖ | | ModelOps | 0 | 0 | 1 | 0 | 1 | ➖ | | Growth | 0 | 0 | 2 | 0 | 2 | ➖ | +-------------+--------+--------+---------+-------+-------+--------+ | Total | 430 | 0 | 125 | 1 | 555 | ✅ | +-------------+--------+--------+---------+-------+-------+--------+
Edited by ****added 1845 commits
-
18418af8...3f14b8f1 - 1842 commits from branch
gitlab-org:master
- 34c6e247 - Admin Token API: Identify GitLab sessions
- 0a3645c4 - Admin Token API: Identify GitLab sessions
- 77460fbb - Admin Token API: Identify GitLab sessions
Toggle commit list-
18418af8...3f14b8f1 - 1842 commits from branch
reset approvals from @ayufan, @iamricecake, and @dbiryukov by pushing to the branch
started a merge train
mentioned in commit 0e15b697
Hi @nwittstruck
See where you rank! Check your spot on the contributor leaderboard and unlock rewards.
How was your code review experience with this merge request? Please tell us how we can continue to iterate and improve:
- React with a
or a on this comment to describe your experience. - Create a new comment starting with
@gitlab-bot feedback
below, and leave any additional feedback you have for us in the comment.
As a benefit of being a GitLab Community Contributor, you have access to GitLab Duo, our AI-powered features. With Code Suggestions, Chat, Root Cause Analysis and more AI-powered features, GitLab Duo helps to boost your efficiency and effectiveness by reducing the time required to write and understand code and pipelines. Visit the GitLab Duo documentation to learn more about the benefits.
Thanks for your help!
This message was generated automatically. Improve it or delete it.
- React with a
mentioned in issue #512654 (closed)
added workflowstaging-canary label and removed workflowready for review label
added workflowcanary label and removed workflowstaging-canary label
added workflowstaging label and removed workflowcanary label
added workflowproduction label and removed workflowstaging label
added workflowpost-deploy-db-staging label and removed workflowproduction label
added workflowpost-deploy-db-production label and removed workflowpost-deploy-db-staging label