User permissions
GitLab uses a comprehensive permissions system that combines user types, roles, and membership to control what you can do within projects and groups. Users are assigned roles that define their permissions in projects and groups. Memberships and associated permissions cascade from top-level groups to subgroups and their projects.
User types have different levels of access across your GitLab instance, from regular users with standard permissions to administrators with full system control. Users can also have custom roles with specific permissions tailored to your organizational needs.
User types
Auditor users
Provide read-only access for auditing and compliance monitoring across all resources.
External users
Grant limited access to external members with restricted permissions for specific resources.
Internal users
Enable automated system operations through internal bot users for GitLab functionality.
Enterprise users
Manage organization users through domain verification and centralized enterprise controls.
Service accounts
Create non-human accounts for automated processes and third-party service integrations.
Roles and permissions
Roles and permissions
Understand the permissions and capabilities available to each user role in GitLab.
Guest role
Assign basic access with limited permissions as an entry-level user role.
Custom roles
Create custom roles with tailored permissions to meet specific organizational needs.
Custom permissions
Configure granular permissions with specific abilities for fine-grained access controls.