Updated: August 22, 2024

GitLab API Token

This guide explains how to add a GitLab API token to Enji to allow the platform to collect data from GitLab repositories.

Repositories

Read-only access to GitLab repositories is required for Enji to provide analytics and insights. Depending on the setup, one of the following token types can be used:

  • Personal Access Token — tied to a user
  • Project Access Token — tied to a specific repository
  • Group Access Token — tied to a group and all its projects

These instructions apply to both GitLab Cloud and GitLab Self-Managed.

Personal Access Token (PAT)

Best for: small teams or individual repositories where user-level access is acceptable.

1. Log in to your GitLab account.

2. Go to User Settings → Access Tokens.
For GitLab Cloud: https://gitlab.com/-/profile/personal_access_tokens
For GitLab Self-Managed: https:///-/profile/personal_access_tokens

3. Fill out the form:

  • Name: Enji Read Token
  • Expiration Date: a year or more
  • Scopes (check all of these): read_repository, read_api, read_user, read_registry, read_package_registry

4. Click Create personal access token

5. Copy and securely store the token — it won't be shown again.

Project Access Token

Best for: giving access to a single repository only.

1. Open the target GitLab project.

2. Go to Settings → Access Tokens.

3. Fill out the form:

  • Name: Enji Read Token
  • Role: Reporter
  • Scopes: read_repository, read_api, read_registry, read_package_registry

4. Click Create project access token

5. Copy and securely store the token.

Group Access Token

Best for: giving access to all repositories inside a group.

1. Navigate to your GitLab Group.

2. Go to Settings → Access Tokens.

3. Fill out the form:

  • Name: Enji Read Token
  • Role: Reporter
  • Scopes: read_repository, read_api, read_registry, read_package_registry

4. Click Create group access token

5. Copy and securely store the token.

Important: When connecting GitLab to a project in Enji, make sure the URL you provide matches the access level granted by the token.

  • If you specify a GitLab Group URL (e.g., https://gitlab.com/my-group) and the access token has permissions for the entire group, Enji will be able to parse data from all repositories within that group.
  • However, if the token only has access to specific repositories within the group, you must add each repository URL individually.

In other words, the GitLab URL provided must align with the scope and permissions of the access token. If there’s a mismatch, Enji won’t be able to parse the data correctly!

Notes:

You can revoke any token at any time.

Do not enable write-level scopes (write_repository, api, sudo).

For GitLab Self-Managed, make sure Access Token functionality is enabled.