GitLab · Capability
GitLab Authentication And Identity
Unified capability for GitLab OAuth 2.0 authentication flows and user identity. Enables developers and platform administrators to manage OAuth application authorization, token lifecycle, and authenticated user profile retrieval.
What You Can Do
GET
Authorize oauth
— Initiate the OAuth 2.0 authorization code flow.
/v1/authorizations
POST
Authorize device
— Initiate the device authorization grant flow.
/v1/device-authorizations
POST
Exchange token
— Exchange an authorization code, device code, or refresh token for an access token.
/v1/tokens
POST
Revoke token
— Revoke an OAuth access or refresh token.
/v1/token-revocations
GET
Get token info
— Get information about the current access token.
/v1/token-info
GET
Get user info
— Get profile information about the authenticated user.
/v1/user-info
MCP Tools
authorize-oauth
Initiate the OAuth 2.0 authorization code flow with optional PKCE support.
read-only
idempotent
authorize-device
Initiate the device authorization grant flow for input-constrained devices.
exchange-token
Exchange an authorization code, device code, or refresh token for an access token.
revoke-token
Revoke an existing OAuth access or refresh token.
idempotent
get-token-info
Get information about the current OAuth access token including scopes and expiration.
read-only
idempotent
get-user-info
Get profile information about the currently authenticated user.
read-only
idempotent
APIs Used
gitlab-oauth2