Gitlab OAuth scopes

Required OAuth scopes and used endpoints when connecting to Gitlab.

You can find an overview of all available OAuth scopes for Gitlab here:

https://docs.gitlab.com/ee/integration/oauth_provider.html

Git for Confluence requests the following scopes:

  • read_api

  • read_repository

API endpoints

These are the endpoints that are being called with an OAuth token.

Retrieve contents of a file from a repository

This endpoint is being used to retrieve the content of a file so that we can display it on a Confluence page for you. The content of this file is not being saved on the servers of Git for Confluence. This means that every time a file is being viewed on a Confluence page, we will have to retrieve it using this endpoint.

Retrieve contents of a folder from a repository

This endpoint is being used to retrieve the contents of a folder so that we can display it on a Confluence page for you. The content of this folder is not being saved on the servers of Git for Confluence. This means that every time a folder is being viewed on a Confluence page, we will have to retrieve it using this endpoint.

GraphQL queries

To retrieve all the required information of the git content in a folder Git for Confluence uses the following GraphQL queries.

{
    project {
        repository {
            tree {
                blobs
                trees
            }
        }
    }
}
{
    project {
        repository {
            blobs
        }
    }
}

Downloading contents from a repository

This endpoint is being used to generate a zip archive from a folder so you can download it from a Confluence page. This archive is not being saved on the server of Git for Confluence. This means that every time a folder is downloaded we will have to retrieve it using this endpoint.

Retrieve repository information

Sometimes an error can occur when retrieving a file from Gitlab. Gitlab tells us that the file can not be found if it does not exist, or if you do not have access to the file. Yet we would like to let you know what the actual problem is.

We use this endpoint to check if the repository exists, if that is the case we assume that the file does not exist and show that to you in the UI.

If we can not find the repository, we assume that you do not have access to the file that you are trying to share.

PreviousBitbucket OAuth scopesNextAzure DevOps OAuth scopes

Last updated