Update: Supporting GitLab’s new expiring OAuth tokens

GitLab recently announced changes to their OAuth token expiry, notably that tokens now expire after two hours. This is a big shift from the previously unlimited expiry period. This change was made to increase security, by limiting the window in which each token can be used.

Changes to Netlify’s Outgoing Notifications when using GitLab

Outgoing notifications can inform you or external services about your site’s deploy activity. As a result of these changes, Netlify will no longer automatically create Outgoing Notifications for sites created using GitLab.

Instead, a Personal Access Token can be generated and used to manually create notifications with a custom or unlimited expiry date. To use a Personal Access Token to create custom outgoing notifications, go to Site settings > Build & deploy > Deploy notifications and select a notification type from the dropdown of available options.

We expect existing notifications to Gitlab e.g pull request comments and commit checks to fail. To fix you will need to edit the notifications in your site settings and add a personal access token

References: https://docs.gitlab.com/ee/integration/oauth_provider.html#expiring-access-tokens

Debugging issues with Netlify’s Continues Deploy Previews Drawer

Users who have trouble viewing the Continous Deploy Preview Drawer will need to re-authenticate. Currently, the only way to do this will be to re-link the Gitlab repository, go to Site Settings > Build and Deploy > Repository > Manage Repository > Link to a different repository and choose the same site repo. Please note that before you do this on any site you should make a list of the environment variables which are set in our UI since this operation will cause them to be removed (and you’ll want to re-add - which you can and should do while re-linking the repo, so your builds have access to these expected values:

Please comment below if you have any questions and we’ll be happy to help out!


Creating a personal access token and using it for the deploy notifications does not work for me either. Which scope does the personal access token need?

Hi @niklas,

The “api” scope should be sufficient. Which scopes did you provide? Try the api scope and let us know if you are still facing issues

Hi, when I create a personal access token in gitlab, does the name of the PAT matter? And How about the role of the token? (Guest/Reporter/Developer/Maintainer)

Hey @raymzag,

Name wouldn’t matter and the Role could be anything that provides access to the api scope.