diff options
Diffstat (limited to 'doc/api/oauth2.md')
| -rw-r--r-- | doc/api/oauth2.md | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/doc/api/oauth2.md b/doc/api/oauth2.md index 0bf7ae399f0..cc8b31ecf17 100644 --- a/doc/api/oauth2.md +++ b/doc/api/oauth2.md @@ -173,11 +173,14 @@ the following parameters: } ``` +Also you must use HTTP Basic authentication using the `client_id` and`client_secret` +values to authenticate the client that performs a request. + Example cURL request: ```shell echo 'grant_type=password&username=<your_username>&password=<your_password>' > auth.txt -curl --data "@auth.txt" --request POST "https://gitlab.example.com/oauth/token" +curl --data "@auth.txt" --user client_id:client_secret --request POST "https://gitlab.example.com/oauth/token" ``` Then, you'll receive the access token back in the response: @@ -190,6 +193,8 @@ Then, you'll receive the access token back in the response: } ``` +By default, the scope of the access token is `api`, which provides complete read/write access. + For testing, you can use the `oauth2` Ruby gem: ```ruby |