LinuxCommandLibrary

glab-auth

Authenticate glab CLI with GitLab instance

TLDR

Log in with interactive prompt

$ glab auth login
copy

Log in with a token
$ glab auth login [[-t|--token]] [token]
copy

Check authentication status
$ glab auth status
copy

Log in to a specific GitLab instance
$ glab auth login [[-h|--hostname]] [gitlab.example.com]
copy

SYNOPSIS

glab auth <login|logout|status|switch> [flags]

PARAMETERS

--hostname, -H <host>
    GitLab instance hostname (default: gitlab.com)

--token <token>
    Personal access token for auth

--stdin
    Read token from standard input

--auth-mode <mode>
    Mode: token, oauth, web, id-token (default: token)

--all, -A
    Apply to all configured hosts

--scope <scopes>
    Comma-separated token scopes (e.g., api,read_api)

--interactive
    Force interactive browser flow

--client-id <id>
    OAuth client ID for custom apps

DESCRIPTION

glab auth (often referenced as glab-auth functionality) is a core subcommand of the official glab GitLab CLI tool for handling user authentication with GitLab servers. It manages login sessions using personal access tokens, OAuth2 flows, web browser authentication, or ID tokens, enabling seamless API interactions for repository management, CI/CD pipelines, issues, and merge requests.

Authentication data is stored securely in ~/.config/gitlab.com/token or equivalent per-host files. The command supports multiple hosts like gitlab.com or self-hosted instances. Key benefits include integration with git credential helpers for passwordless git operations over HTTPS.

Usage starts with interactive glab auth login, which prompts for host and method. Check status with glab auth status, remove sessions via glab auth logout, or switch hosts with glab auth switch. Requires glab v1.0+ installed via brew, apt, or binaries.

CAVEATS

Tokens require api or read_api scopes. Web/OAuth needs browser access. Multi-host setups may conflict without --hostname. Not suitable for CI without non-interactive flags.

SUBCOMMANDS

login: Create new session
logout: Remove session(s)
status: Display current auth
switch: Change default host

TOKEN CREATION

Generate PAT at GitLab > User Settings > Access Tokens with api scope.

GIT INTEGRATION

Run glab auth git-config to setup credential helper for git clone/push.

HISTORY

Introduced with glab v1.0.0 in February 2021 by GitLab Inc. OAuth/web support added in v1.18.0 (2022). Evolved for enterprise multi-host auth in v1.30+.

SEE ALSO

glab(1), git-credential-glab(1), gitlab(1)

Copied to clipboard