User authentication
- Tier: Free, Premium, Ultimate
- Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated
GitLab provides multiple authentication methods to secure how users can access their account and interact with repositories. Use passwords with optional two-factor authentication for web-based access, SSH keys for Git operations, and various types of access tokens for API interactions and automation.
On GitLab Self-Managed and GitLab Dedicated, administrators can configure how authentication works, monitor credential usage, and implement security policies to protect their instance. Users can manage how they authenticate, review active sessions, and configure additional security measures like two-factor authentication.
Password authentication
User passwords
Password storage
Compromised password detection
Password length limits
Passwords for integrated authentication methods
Credentials management
Two-factor authentication
Two-factor authentication
Two-factor authentication (2FA) adds an extra layer of security to your GitLab account by requiring a second form of verification in addition to your password.
Two-factor authentication for administrators
Two-factor authentication troubleshooting
SSH key authentication
SSH keys
Understand how to use SSH keys with GitLab for secure authentication and repository access.
SSH key restrictions
SSH troubleshooting
Access tokens
Access tokens
Personal access tokens
Use personal access tokens to authenticate with the GitLab API or Git over HTTPS. Includes creation, rotation, revocation, scopes, and expiration settings.
Group access tokens
Project access tokens
Authentication, create, revoke, and token expiration.
Token troubleshooting