Applications API

Introduced in GitLab 10.5.

The Applications API operates on instance-wide OAuth applications for:

The Applications API cannot be used to manage group applications or applications of individual users.

note
Only administrator users can use the Applications API.

Create an application

Create an application by posting a JSON payload.

Returns 200 if the request succeeds.

POST /applications

Parameters:

AttributeTypeRequiredDescription
namestringyesName of the application.
redirect_uristringyesRedirect URI of the application.
scopesstringyesScopes of the application. You can specify multiple scopes by separating each scope using a space.
confidentialbooleannoThe application is used where the client secret can be kept confidential. Native mobile apps and Single Page Apps are considered non-confidential. Defaults to true if not supplied

Example request:

curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" \
     --data "name=MyApplication&redirect_uri=http://redirect.uri&scopes=api read_user email" \
     "https://gitlab.example.com/api/v4/applications"

Example response:

{
    "id":1,
    "application_id": "5832fc6e14300a0d962240a8144466eef4ee93ef0d218477e55f11cf12fc3737",
    "application_name": "MyApplication",
    "secret": "ee1dd64b6adc89cf7e2c23099301ccc2c61b441064e9324d963c46902a85ec34",
    "callback_url": "http://redirect.uri",
    "confidential": true
}

List all applications

List all registered applications.

GET /applications

Example request:

curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/applications"

Example response:

[
    {
        "id":1,
        "application_id": "5832fc6e14300a0d962240a8144466eef4ee93ef0d218477e55f11cf12fc3737",
        "application_name": "MyApplication",
        "callback_url": "http://redirect.uri",
        "confidential": true
    }
]
note
The secret value is not exposed by this API.

Delete an application

Delete a specific application.

Returns 204 if the request succeeds.

DELETE /applications/:id

Parameters:

AttributeTypeRequiredDescription
idintegeryesThe ID of the application (not the application_id).

Example request:

curl --request DELETE --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/applications/:id"