Moderate users
This section describes how to moderate users at the group level. For self-managed instances, see the administration documentation.
If you have the Owner role for the group, to moderate user access you can approve, ban, or automatically remove dormant members.
Ban and unban users
-
Introduced in GitLab 15.8 with a flag named
limit_unique_project_downloads_per_namespace_user
. Disabled by default.
A group Owner can moderate user access by banning and unbanning users. You should ban a user when you want to block them from the group.
A banned user:
- Cannot access the group or any of repositories.
- Cannot use slash commands.
- Does not occupy a seat.
Unban a user
To unban a user with the GraphQL API, see Mutation.namespaceBanDestroy
.
For a demo on unbanning a user at the group level, see Namespace level ban - Unbanning a user.
Prerequisites:
- In the top-level group, you must have the Owner role.
To unban a user:
- Go to the top-level group.
- On the left sidebar, select Manage > Members.
- Select the Banned tab.
- For the account you want to unban, select Unban.
Ban a user
For a demo on banning a user at the group level, see Namespace level ban - Banning a user.
Prerequisites:
- In the top-level group, you must have the Owner role.
- In the top-level group, if the user you want to ban has the Owner role, you must demote the user.
To manually ban a user:
- Go to the top-level group.
- On the left sidebar, select Manage > Members.
- Next to the member you want to ban, select the vertical ellipsis ().
- From the dropdown list, select Ban member.
Automatically remove dormant members
Introduced in GitLab 17.1 with a flag named group_remove_dormant_members
. Disabled by default.
Prerequisites:
- You must have the Owner role for the group.
You can enable automatic removal of group members who either:
- Were added to the group more than a week ago and have no activity in the group.
- Have no activity in the group for a specified period of time. The default and minimum is 90 days. Activities involve:
- Git HTTP/SSH activities, such as
clone
andpush
. - Visiting pages related to dashboards, projects, issues, merge requests, settings, and so on.
- Using the API in the scope of the group.
- Using the GraphQL API in the scope of the group.
- Git HTTP/SSH activities, such as
- On the left sidebar, select Search or go to and find your group.
- On the left sidebar, select Settings > General.
- Expand Permissions and group features.
- Scroll to Dormant members.
- Select the Remove dormant members after a period of inactivity checkbox.
- In the Days of inactivity before removal field, enter the number of days before removal. The minimum is 90 days.
- Select Save changes.
After the member has reached the days of inactivity and is removed from the group:
- They still have access to GitLab.com.
- They do not have access to the group.
- Contributions made to the group are still assigned to the removed member.