1

I have a private repository that is hosted on gitlab.com. I've created a project access token with read_repository scope. The intention is that any user with the project access token can clone the repository.

I'm issuing:

git clone https://xyz@gitlab.com/user/repo.git

and when prompted for my password, I enter the project access token, but am told:

Cloning into 'repo'...
Password for 'https://xyz@gitlab.com': 
remote: You are not allowed to download code from this project.
fatal: unable to access 'https://gitlab.com/user/repo.git/': The requested URL returned error: 403

I've tried creating a number of additional project access tokens with multiple scopes in addition to read_repository, but get the same error. I've also tried cloning using the project access token directly in the clone:

git clone https://xyz:MY_ACCESS_TOKEN@gitlab.com/user/repo.git

but get the same error.

Clarifications

All project access tokens I've created have an expiry date set to a month from now. The xyz string is, to my understanding, irrelevant, since it's a placeholder for the username. From the gitlab documentation, it seems this can be any non-empty string.

Sav
  • 21
  • 4
  • oauth2: https://stackoverflow.com/questions/72371417/how-to-git-clone-via-https-with-personal-access-token-in-private-project-gitlab – KamilCuk May 10 '23 at 09:39
  • What is `xyz`? It should be a generated username or the literal `oauth2`. Did you set expiration date while creating the token? To my experience, some people mistakenly set the expiration date with today, which makes the token expired at once. – ElpieKay May 10 '23 at 09:43
  • My understanding is that the username part of the command is irrelevant, so it can by `xyz` just as much as `oauth2`. But regardless, I was conscious of this post and have tried using `oauth2` to no effect. – Sav May 10 '23 at 09:46
  • All the project access tokens that I've used have an expiry date a month from now. – Sav May 10 '23 at 09:49
  • @KamilCuk Could you provide a reference for this? But regardless, my previous comment stating that I've tried `oauth2` to no effect kind of makes this moot. – Sav May 10 '23 at 10:06

1 Answers1

0

What does the xyz stands for ? Are you the owner of the repository / do you have permissions ?

--- What you actually want to do is add the oauth2 protocol before the actual token

git clone https://oauth2:MY_ACCESS_TOKEN@gitlab.com/user/repo.git

If it doesnt help, try executing a rest api using this token to make sure it is valid.

Try Referring this post for further investigating.

Shachar297
  • 599
  • 2
  • 7