Credentials inventory for GitLab.com

Tier: Ultimate Offering: GitLab.com
History

As a GitLab.com top-level group owner, you are responsible for the overall security of your groups and projects. To assist, GitLab provides an inventory of all the credentials that can be used to access your groups and projects.

This page describes how to manage the credentials inventory for GitLab.com. To manage credentials on GitLab self-managed, see Credentials inventory for GitLab self-managed.

In the credentials inventory, you can view:

You can also:

Revoke a user’s personal access token

You can revoke an enterprise user’s personal access token.

  1. On the left sidebar, select Secure.
  2. Select Credentials.
  3. By the personal access token, select Revoke.

If a Revoke option is not available, the token might already be revoked or have expired, or have an expiration date set.

Token state Revoke option displayed? Comments
Active Yes Allows administrators to revoke the PAT, such as for a compromised account
Expired No Not applicable; token is already expired
Revoked No Not applicable; token is already revoked

When a PAT is revoked from the credentials inventory, the instance notifies the user by email.

The credentials inventory page listing personal access tokens.

Delete a user’s SSH key

  1. On the left sidebar, select Secure.
  2. Select Credentials.
  3. Select the SSH Keys tab.
  4. By the SSH key, select Delete.

The instance notifies the user.

The credentials inventory page listing SSH keys.

Revoke a project or group access token

Credentials inventory on GitLab.com does not support viewing or revoking project or group access tokens. Issue 498333 proposes to add this feature.