Merge branch 'mjang-oauth2-registries' into 'master'

Add section describing OAuth2 token use in registries See merge request gitlab-org/gitlab!55803

Merge branch 'mjang-oauth2-registries' into 'master'
Add section describing OAuth2 token use in registries See merge request gitlab-org/gitlab!55803
5ff8d359 · Nick Gaskill · bf1611e8 · c28800c2 · 5ff8d359
Commit 5ff8d359 authored Mar 09, 2021 by Nick Gaskill
Hide whitespace changes
Inline Side-by-side

Showing with 10 additions and 0 deletions

doc/api/oauth2.md doc/api/oauth2.md +10 -0

No files found.
--- a/doc/api/oauth2.md
+++ b/doc/api/oauth2.md
@@ -354,3 +354,13 @@ These are aliases for `scope` and `expires_in` respectively, and have been inclu
 prevent breaking changes introduced in [doorkeeper 5.0.2](https://github.com/doorkeeper-gem/doorkeeper/wiki/Migration-from-old-versions#from-4x-to-5x).

 Don't rely on these fields as they will be removed in a later release.
+
+## OAuth2 tokens and GitLab registries
+
+Standard OAuth2 tokens support different degrees of access to GitLab registries, as they:
+
+- Do not allow users to authenticate to:
+  - The GitLab [Container registry](../user/packages/container_registry/index.md#authenticate-with-the-container-registry).
+  - Packages listed in the GitLab [Package registry](../user/packages/package_registry/index.md).
+- Allow users to get, list, and delete registries through
+  the [Container registry API](container_registry.md).