User SSH and GPG keys API

  • Tier: Free, Premium, Ultimate
  • Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated

Use this API to interact with SSH and GPG keys for users. For more information, see SSH keys and GPG keys.

List all SSH keys

Lists all SSH keys for your user account.

Use the page and per_page pagination parameters to filter the results.

Prerequisites:

  • You must be authenticated.
GET /user/keys

Example request:

curl --header "PRIVATE-TOKEN: <your_access_token>" \
  --url "https://gitlab.example.com/api/v4/user/keys"

Example response:

[
  {
    "id": 1,
    "title": "Public key",
    "key": "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAiPWx6WM4lhHNedGfBpPJNPpZ7yKu+dnn1SJejgt4596k6YjzGGphH2TUxwKzxcKDKKezwkpfnxPkSMkuEspGRt/aZZ9wa++Oi7Qkr8prgHc4soW6NUlfDzpvZK2H5E7eQaSeP3SAwGmQKUFHCddNaP0L+hM7zhFNzjFvpaMgJw0=",
    "created_at": "2014-08-01T14:47:39.080Z",
    "usage_type": "auth"
  },
  {
    "id": 3,
    "title": "Another Public key",
    "key": "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAiPWx6WM4lhHNedGfBpPJNPpZ7yKu+dnn1SJejgt4596k6YjzGGphH2TUxwKzxcKDKKezwkpfnxPkSMkuEspGRt/aZZ9wa++Oi7Qkr8prgHc4soW6NUlfDzpvZK2H5E7eQaSeP3SAwGmQKUFHCddNaP0L+hM7zhFNzjFvpaMgJw0=",
    "created_at": "2014-08-01T14:47:39.080Z",
    "usage_type": "signing"
  }
]

List all SSH keys for a user

Lists all SSH keys for a given user account. This endpoint does not require authentication.

GET /users/:id_or_username/keys

Supported attributes:

AttributeTypeRequiredDescription
id_or_usernamestringyesID or username of user account

Example request:

curl --header "PRIVATE-TOKEN: <your_access_token>" \
  --url "https://gitlab.example.com/api/v4/users/1/keys"

Get an SSH key

Gets an SSH key for your user account. This endpoint does not require authentication.

GET /user/keys/:key_id

Supported attributes:

AttributeTypeRequiredDescription
key_idstringyesID of existing key

Example request:

curl --header "PRIVATE-TOKEN: <your_access_token>" \
  --url "https://gitlab.example.com/api/v4/user/keys/1"

Example response:

{
  "id": 1,
  "title": "Public key",
  "key": "<SSH_KEY>",
  "created_at": "2014-08-01T14:47:39.080Z",
  "usage_type": "auth"
}

Get an SSH key for a user

Gets an SSH key for a given user account. This endpoint does not require authentication.

GET /users/:id/keys/:key_id

Supported attributes:

AttributeTypeRequiredDescription
idintegeryesID of user account
key_idintegeryesID of existing key

Example request:

curl --header "PRIVATE-TOKEN: <your_access_token>" \
  --url "https://gitlab.example.com/users/1/keys/1"

Example response:

{
  "id": 1,
  "title": "Public key",
  "key": "<SSH_KEY>",
  "created_at": "2014-08-01T14:47:39.080Z",
  "usage_type": "auth"
}

Add an SSH key

History

Adds an SSH key for your user account.

Prerequisites:

  • You must be authenticated.
POST /user/keys

Supported attributes:

AttributeTypeRequiredDescription
titlestringyesTitle for key
keystringyesPublic key value
expires_atstringnoExpiration date of the key in ISO format (YYYY-MM-DD).
usage_typestringnoUsage scope for the key. Possible values: auth, signing or auth_and_signing. Default value: auth_and_signing

Returns either:

  • The created key with status 201 Created on success.

  • A 400 Bad Request error with a message explaining the error:

    {
      "message": {
        "fingerprint": [
          "has already been taken"
        ],
        "key": [
          "has already been taken"
        ]
      }
    }

Example response:

{
  "title": "ABC",
  "key": "<SSH_KEY>",
  "expires_at": "2016-01-21T00:00:00.000Z",
  "usage_type": "auth"
}

Add an SSH key for a user

History

Adds an SSH key for a given user account.

This also adds an audit event.

Prerequisites:

  • You must have administrator access to the instance.
POST /users/:id/keys

Supported attributes:

AttributeTypeRequiredDescription
idintegeryesID of user account
titlestringyesTitle for key
keystringyesPublic key value
expires_atstringnoExpiration date of the access token in ISO format (YYYY-MM-DD).
usage_typestringnoUsage scope for the key. Possible values: auth, signing or auth_and_signing. Default value: auth_and_signing

Returns either:

  • The created key with status 201 Created on success.

  • A 400 Bad Request error with a message explaining the error:

    {
      "message": {
        "fingerprint": [
          "has already been taken"
        ],
        "key": [
          "has already been taken"
        ]
      }
    }

Example response:

{
  "title": "ABC",
  "key": "<SSH_KEY>",
  "expires_at": "2016-01-21T00:00:00.000Z",
  "usage_type": "auth"
}

Delete an SSH key

Deletes an SSH key from your user account.

Prerequisites:

  • You must be authenticated.
DELETE /user/keys/:key_id

Supported attributes:

AttributeTypeRequiredDescription
key_idintegeryesID of existing key

Returns either:

  • A 204 No Content status code if the operation was successful.
  • A 404 status code if the resource was not found.

Delete an SSH key for a user

Deletes an SSH key from a given user account.

Prerequisites:

  • You must have administrator access to the instance.
DELETE /users/:id/keys/:key_id

Supported attributes:

AttributeTypeRequiredDescription
idintegeryesID of user account
key_idintegeryesID of existing key

List all GPG keys

Lists all GPG keys for your user account.

Prerequisites:

  • You must be authenticated.
GET /user/gpg_keys

Example request:

curl --header "PRIVATE-TOKEN: <your_access_token>" \
  --url "https://gitlab.example.com/api/v4/user/gpg_keys"

Example response:

[
  {
    "id": 1,
    "key": "<PGP_PUBLIC_KEY_BLOCK>",
    "created_at": "2017-09-05T09:17:46.264Z"
  }
]

List all GPG keys for a user

Lists all GPG keys for a given user account. This endpoint does not require authentication.

GET /users/:id/gpg_keys

Supported attributes:

AttributeTypeRequiredDescription
idintegeryesID of user account

Example request:

curl --header "PRIVATE-TOKEN: <your_access_token>" \
  --url "https://gitlab.example.com/api/v4/users/2/gpg_keys"

Example response:

[
  {
    "id": 1,
    "key": "<PGP_PUBLIC_KEY_BLOCK>",
    "created_at": "2017-09-05T09:17:46.264Z"
  }
]

Get a GPG key

Gets a GPG key for your user account.

Prerequisites:

  • You must be authenticated.
GET /user/gpg_keys/:key_id

Supported attributes:

AttributeTypeRequiredDescription
key_idintegeryesID of existing key

Example request:

curl --header "PRIVATE-TOKEN: <your_access_token>" \
  --url "https://gitlab.example.com/api/v4/user/gpg_keys/1"

Example response:

{
  "id": 1,
  "key": "<PGP_PUBLIC_KEY_BLOCK>",
  "created_at": "2017-09-05T09:17:46.264Z"
}

Get a GPG key for a user

Gets a GPG key for a given user account. This endpoint does not require authentication.

GET /users/:id/gpg_keys/:key_id

Supported attributes:

AttributeTypeRequiredDescription
idintegeryesID of user account
key_idintegeryesID of existing key

Example request:

curl --header "PRIVATE-TOKEN: <your_access_token>" \
  --url "https://gitlab.example.com/api/v4/users/2/gpg_keys/1"

Example response:

{
  "id": 1,
  "key": "<PGP_PUBLIC_KEY_BLOCK>",
  "created_at": "2017-09-05T09:17:46.264Z"
}

Add a GPG key

Adds a GPG key for your user account.

Prerequisites:

  • You must be authenticated.
POST /user/gpg_keys

Supported attributes:

AttributeTypeRequiredDescription
keystringyesPublic key value

Example request:

export KEY="$(gpg --armor --export <your_gpg_key_id>)"

curl --data-urlencode "key=<PGP_PUBLIC_KEY_BLOCK>" \
     --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/user/gpg_keys"

Example response:

[
  {
    "id": 1,
    "key": "<PGP_PUBLIC_KEY_BLOCK>",
    "created_at": "2017-09-05T09:17:46.264Z"
  }
]

Add a GPG key for a user

Adds a GPG key for a given user account.

Prerequisites:

  • You must have administrator access to the instance.
POST /users/:id/gpg_keys

Supported attributes:

AttributeTypeRequiredDescription
idintegeryesID of user account
keyintegeryesPublic key value

Example request:

curl --data-urlencode "key=<PGP_PUBLIC_KEY_BLOCK>" \
     --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/users/2/gpg_keys"

Example response:

[
  {
    "id": 1,
    "key": "<PGP_PUBLIC_KEY_BLOCK>",
    "created_at": "2017-09-05T09:17:46.264Z"
  }
]

Delete a GPG key

Deletes a GPG key from your user account.

Prerequisites:

  • You must be authenticated.
DELETE /user/gpg_keys/:key_id

Supported attributes:

AttributeTypeRequiredDescription
key_idintegeryesID of existing key

Returns either:

  • 204 No Content on success.
  • 404 Not Found if the key cannot be found.

Delete a GPG key for a user

Deletes a GPG key from a given user account.

Prerequisites:

  • You must have administrator access to the instance.
DELETE /users/:id/gpg_keys/:key_id

Supported attributes:

AttributeTypeRequiredDescription
idintegeryesID of user account
key_idintegeryesID of existing key