2022-01-07 19:14:32 -05:00
---
stage: Manage
2022-01-26 22:14:06 -05:00
group: Authentication and Authorization
2022-09-21 17:13:33 -04:00
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
2022-01-07 19:14:32 -05:00
---
# Group access tokens API **(FREE)**
2022-01-17 07:17:11 -05:00
You can read more about [group access tokens ](../user/group/settings/group_access_tokens.md ).
2022-01-07 19:14:32 -05:00
## List group access tokens
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/77236) in GitLab 14.7.
2022-01-17 07:17:11 -05:00
Get a list of [group access tokens ](../user/group/settings/group_access_tokens.md ).
2022-01-07 19:14:32 -05:00
```plaintext
GET groups/:id/access_tokens
```
| Attribute | Type | required | Description |
|-----------|---------|----------|---------------------|
2022-03-22 23:07:30 -04:00
| `id` | integer or string | yes | ID or [URL-encoded path of the group ](index.md#namespaced-path-encoding ) |
2022-01-07 19:14:32 -05:00
```shell
curl --header "PRIVATE-TOKEN: < your_access_token > " "https://gitlab.example.com/api/v4/groups/< group_id > /access_tokens"
```
```json
[
{
"user_id" : 141,
"scopes" : [
"api"
],
"name" : "token",
"expires_at" : "2021-01-31",
"id" : 42,
"active" : true,
"created_at" : "2021-01-20T22:11:48.151Z",
"revoked" : false,
"access_level": 40
}
]
```
2022-03-22 23:07:30 -04:00
## Get a group access token
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/82714) in GitLab 14.10.
Get a [group access token ](../user/group/settings/group_access_tokens.md ) by ID.
```plaintext
GET groups/:id/access_tokens/:token_id
```
| Attribute | Type | required | Description |
|-----------|---------|----------|---------------------|
| `id` | integer or string | yes | ID or [URL-encoded path of the group ](index.md#namespaced-path-encoding ) |
| `token_id` | integer or string | yes | ID of the group access token |
```shell
curl --header "PRIVATE-TOKEN: < your_access_token > " "https://gitlab.example.com/api/v4/groups/< group_id > /access_tokens/< token_id > "
```
```json
{
"user_id" : 141,
"scopes" : [
"api"
],
"name" : "token",
"expires_at" : "2021-01-31",
"id" : 42,
"active" : true,
"created_at" : "2021-01-20T22:11:48.151Z",
"revoked" : false,
"access_level": 40
}
```
2022-01-07 19:14:32 -05:00
## Create a group access token
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/77236) in GitLab 14.7.
2022-06-17 05:08:50 -04:00
Create a [group access token ](../user/group/settings/group_access_tokens.md ). You must have the Owner role for the
group to create group access tokens.
2022-01-07 19:14:32 -05:00
```plaintext
POST groups/:id/access_tokens
```
| Attribute | Type | required | Description |
|-----------|---------|----------|---------------------|
2022-03-22 23:07:30 -04:00
| `id` | integer or string | yes | ID or [URL-encoded path of the group ](index.md#namespaced-path-encoding ) |
| `name` | String | yes | Name of the group access token |
2022-01-21 01:16:15 -05:00
| `scopes` | `Array[String]` | yes | [List of scopes ](../user/group/settings/group_access_tokens.md#scopes-for-a-group-access-token ) |
2022-06-17 05:08:50 -04:00
| `access_level` | Integer | no | Access level. Valid values are `10` (Guest), `20` (Reporter), `30` (Developer), `40` (Maintainer), and `50` (Owner). |
2022-03-22 23:07:30 -04:00
| `expires_at` | Date | no | Token expires at midnight UTC on that date |
2022-01-07 19:14:32 -05:00
```shell
curl --request POST --header "PRIVATE-TOKEN: < your_access_token > " \
--header "Content-Type:application/json" \
--data '{ "name":"test_token", "scopes":["api", "read_repository"], "expires_at":"2021-01-31", "access_level": 30 }' \
"https://gitlab.example.com/api/v4/groups/< group_id > /access_tokens"
```
```json
{
"scopes" : [
"api",
"read_repository"
],
"active" : true,
"name" : "test",
"revoked" : false,
"created_at" : "2021-01-21T19:35:37.921Z",
"user_id" : 166,
"id" : 58,
"expires_at" : "2021-01-31",
"token" : "D4y...Wzr",
"access_level": 30
}
```
## Revoke a group access token
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/77236) in GitLab 14.7.
2022-01-17 07:17:11 -05:00
Revoke a [group access token ](../user/group/settings/group_access_tokens.md ).
2022-01-07 19:14:32 -05:00
```plaintext
DELETE groups/:id/access_tokens/:token_id
```
| Attribute | Type | required | Description |
|-----------|---------|----------|---------------------|
2022-03-22 23:07:30 -04:00
| `id` | integer or string | yes | ID or [URL-encoded path of the group ](index.md#namespaced-path-encoding ) |
| `token_id` | integer or string | yes | ID of the group access token |
2022-01-07 19:14:32 -05:00
```shell
curl --request DELETE --header "PRIVATE-TOKEN: < your_access_token > " "https://gitlab.example.com/api/v4/groups/< group_id > /access_tokens/< token_id > "
```
### Responses
- `204: No Content` if successfully revoked.
- `400 Bad Request` or `404 Not Found` if not revoked successfully.