Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-44121

[Gitlab auth] The requested scope is invalid, unknown, or malformed.

    Details

    • Similar Issues:

      Description

      We tried to use this plugin, and after the configuration, we could login to gitlab and the gitlab shows this error:

      "An error has occurred

      The requested scope is invalid, unknown, or malformed."

       

      We use this versions:

      Gitlab: Comunity Edition 9.1.2

      Jenkins: 2.46.2

      Gitlab auth plugin: 1.0.9

       

      We tried with http and https.

      Our configuration:

      <authorizationStrategy class="org.jenkinsci.plugins.GitLabAuthorizationStrategy" plugin="gitlab-oauth@1.0.9">
      <rootACL>
      <organizationNameList class="linked-list">
      <string></string>
      </organizationNameList>
      <adminUserNameList class="linked-list">
      <string>xxxxxxxxxxx</string>
      </adminUserNameList>
      <authenticatedUserReadPermission>true</authenticatedUserReadPermission>
      <useRepositoryPermissions>false</useRepositoryPermissions>
      <authenticatedUserCreateJobPermission>true</authenticatedUserCreateJobPermission>
      <allowGitlabWebHookPermission>false</allowGitlabWebHookPermission>
      <allowCcTrayPermission>false</allowCcTrayPermission>
      <allowAnonymousReadPermission>false</allowAnonymousReadPermission>
      <allowAnonymousJobStatusPermission>false</allowAnonymousJobStatusPermission>
      </rootACL>
      </authorizationStrategy>
      <securityRealm class="org.jenkinsci.plugins.GitLabSecurityRealm">
      <gitlabWebUri>http://xx.xx.xx.xx</gitlabWebUri>
      <gitlabApiUri>http://xx.xx.xx.xx</gitlabApiUri>
      <clientID>xxxxxxxxxxxxxxxxxxxxx</clientID>
      <clientSecret>xxxxxxxxxxxxxxxxx</clientSecret>
      </securityRealm>

       

      and in gitlab app, we used "read_user" scope.

       

      Any idea or posible wrong configuration?

      Thanks for all.

       

        Attachments

          Activity

          Hide
          t3sn t3sn tech added a comment -

          It is failing because you have used the "read_user" scope only.
          It is not documented anywhere, but the plugin seems to mandatorily need only the "api" scope in the oauth settings in gitlab.

          I had the same error, which went away on changing the scope to "api". You may need to provide additional scopes depending upon the authorisations you use.

          Show
          t3sn t3sn tech added a comment - It is failing because you have used the "read_user" scope only. It is not documented anywhere, but the plugin seems to mandatorily need only the "api" scope in the oauth settings in gitlab. I had the same error, which went away on changing the scope to "api". You may need to provide additional scopes depending upon the authorisations you use.

            People

            • Assignee:
              elhabib_med Mohamed El Habib
              Reporter:
              monica_beeva Mónica Boto
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated: