Reputation: 31
Rotating Gitlab's Service Account tokens with specified expiry
I am currently using a Gitlab service account with its token and I want to set up a CICD job that automates the rotation of the service account tokens.
However from the documenation, it seems there isn't a field where I can set the expiry date of the rotated tokens unlike the user's personal access token rotation api.
Trying it out and rotating service account tokens only gives it a 7 duration.
I would like to know if its possible to set an expiry for service account tokens' rotation.
If not, I would have to use Gitlab's scheduler to rotate the tokens every 6-7 days.
Another method i could think of its to revoke and create the service account tokens manually and set the job to run every x months. (this way, i could control the "expiry" per say)
Would love to hear everyone's suggestions on this issue.
Upvotes: 1
Views: 1165
Answers (1)
Reputation: 1324228
That does not seem to be possible.
GitLab 17.7 illustrates that with:
Rotate personal, project, and group access tokens in the UI
You can now use the UI to rotate personal, project, and group access tokens. Previously, you had to use the API to do this.
Thank you shangsuru for your contribution!
See Documentation and Issue.
The GUI itself does not expose the expires_at field.
Upvotes: 0
Related Questions
- Set expiration for grafana service account tokens through HTTP API
- What's the whole point of a JWT refresh token?
- Configure PhpStorm to show Issues/Tasks from GitLab
- Can you reuse a Google service account access token?
- service account for gitlab container registry
- Using OAuth2 refresh tokens in an ASPMVC application
- Pronto-Rubocop on Gitlab is not working, wrong URL being called