Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-44121

[Gitlab auth] The requested scope is invalid, unknown, or malformed.

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Minor Minor
    • gitlab-oauth-plugin
    • None

      We tried to use this plugin, and after the configuration, we could login to gitlab and the gitlab shows this error:

      "An error has occurred

      The requested scope is invalid, unknown, or malformed."

       

      We use this versions:

      Gitlab: Comunity Edition 9.1.2

      Jenkins: 2.46.2

      Gitlab auth plugin: 1.0.9

       

      We tried with http and https.

      Our configuration:

      <authorizationStrategy class="org.jenkinsci.plugins.GitLabAuthorizationStrategy" plugin="gitlab-oauth@1.0.9">
      <rootACL>
      <organizationNameList class="linked-list">
      <string></string>
      </organizationNameList>
      <adminUserNameList class="linked-list">
      <string>xxxxxxxxxxx</string>
      </adminUserNameList>
      <authenticatedUserReadPermission>true</authenticatedUserReadPermission>
      <useRepositoryPermissions>false</useRepositoryPermissions>
      <authenticatedUserCreateJobPermission>true</authenticatedUserCreateJobPermission>
      <allowGitlabWebHookPermission>false</allowGitlabWebHookPermission>
      <allowCcTrayPermission>false</allowCcTrayPermission>
      <allowAnonymousReadPermission>false</allowAnonymousReadPermission>
      <allowAnonymousJobStatusPermission>false</allowAnonymousJobStatusPermission>
      </rootACL>
      </authorizationStrategy>
      <securityRealm class="org.jenkinsci.plugins.GitLabSecurityRealm">
      <gitlabWebUri>http://xx.xx.xx.xx</gitlabWebUri>
      <gitlabApiUri>http://xx.xx.xx.xx</gitlabApiUri>
      <clientID>xxxxxxxxxxxxxxxxxxxxx</clientID>
      <clientSecret>xxxxxxxxxxxxxxxxx</clientSecret>
      </securityRealm>

       

      and in gitlab app, we used "read_user" scope.

       

      Any idea or posible wrong configuration?

      Thanks for all.

       

          [JENKINS-44121] [Gitlab auth] The requested scope is invalid, unknown, or malformed.

          t3sn tech added a comment -

          It is failing because you have used the "read_user" scope only.
          It is not documented anywhere, but the plugin seems to mandatorily need only the "api" scope in the oauth settings in gitlab.

          I had the same error, which went away on changing the scope to "api". You may need to provide additional scopes depending upon the authorisations you use.

          t3sn tech added a comment - It is failing because you have used the "read_user" scope only. It is not documented anywhere, but the plugin seems to mandatorily need only the "api" scope in the oauth settings in gitlab. I had the same error, which went away on changing the scope to "api". You may need to provide additional scopes depending upon the authorisations you use.

            elhabib_med Mohamed El Habib
            monica_beeva Mónica Boto
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated: