Identity verification
Introduced in GitLab 15.4 with a flag named identity_verification
. Disabled by default.
Identity verification provides multiple layers of GitLab account security. Depending on your risk score, you might be required to perform up to three stages of verification to register an account:
- All users - Email verification.
- Medium-risk users - Phone number verification.
- High-risk users - Credit card verification.
Users created after signing in with SAML SSO for GitLab.com groups are exempt from identity verification.
Email verification
To register an account, you must provide a valid email address. See Account email verification.
Phone number verification
In addition to email verification, you might have to provide a valid phone number and verify a one-time code.
You cannot verify an account with a phone number associated with a banned user.
Credit card verification
In addition to email and phone number verification, you might have to provide a valid credit card number.
You cannot verify an account with a credit card number associated with a banned user.