User account
Each GitLab account has a user profile, and settings. Your profile contains information about you, and your GitLab activity. Your settings allow you to customize some aspects of GitLab to suit yourself.
Creating users
There are several ways to create users on GitLab. See the creating users documentation for more details.
Signing in
There are several ways to sign into your GitLab account. See the authentication topic for more details.
Unknown sign-in
GitLab notifies you if a sign-in occurs that is from an unknown IP address or device. See Unknown Sign-In Notification for more details.
User profile
To access your profile:
- Click on your avatar.
- Select Profile.
On your profile page, you can see the following information:
- Personal information
- Activity stream: see your activity streamline and the history of your contributions
- Groups: groups you're a member of
- Contributed projects: projects you contributed to
- Personal projects: your personal projects (respecting the project's visibility level)
- Starred projects: projects you starred
- Snippets: your personal code snippets
Profile settings
To access your profile settings:
- Click on your avatar.
- Select Settings.
From there, you can:
- Update your personal information, including:
- Full name
- Primary email, public email, and commit email
- Social media handles
- Website URL
- Location
- Job title
- Bio
- Change your password
- Set a custom status for your profile
- Manage your commit email for your profile
- Manage 2FA
- Add details of external accounts.
- Change your username and delete your account
- Manage applications that can use GitLab as an OAuth provider
- Manage personal access tokens to access your account via API and authorized applications
- Add and delete emails linked to your account
- Choose which email to use for notifications, web-based commits, and display on your public profile
- Manage SSH keys to access your account via SSH
- Manage your preferences to customize your own GitLab experience
- View your active sessions and revoke any of them if necessary
- Access your audit events, a security log of important events involving your account
Changing your password
- Navigate to your profile's Settings > Password.
- Enter your current password in the 'Current password' field.
- Enter your desired new password twice, once in the 'New password' field and once in the 'Password confirmation' field.
- Click the 'Save password' button.
If you don't know your current password, select the 'I forgot my password' link.
Changing your username
Your username
is a unique namespace
related to your user ID. Changing it can have unintended side effects, read
how redirects behave
before proceeding.
To change your username
:
- Navigate to your profile's Settings > Account.
- Enter a new username under Change username.
- Click Update username.
WARNING: It is currently not possible to change your username if it contains a project with Container Registry tags, because the project cannot be moved.
NOTE: If you want to retain ownership over the original namespace and protect the URL redirects, then instead of changing a group's path or renaming a username, you can create a new group and transfer projects to it. Alternatively, you can follow this detailed procedure from the GitLab Team Handbook which also covers the case where you have projects hosted with GitLab Pages.
Private profile
The following information is hidden from the user profile page (https://gitlab.example.com/username
) if this feature is enabled:
- Atom feed
- Date when account is created
- Activity tab
- Groups tab
- Contributed projects tab
- Personal projects tab
- Starred projects tab
- Snippets tab
To enable private profile:
- Click your avatar.
- Select Profile.
- Click Edit profile (pencil icon).
- Check the Private profile option in the Main settings section.
- Click Update profile settings.
NOTE: All your profile information can be seen by yourself, and GitLab admins, even if the Private profile option is enabled.
Add details of external accounts
GitLab allows you to add links to certain other external accounts you might have, like Skype and Twitter. They can help other users connect with you on other platforms.
To add links to other accounts:
- Click your avatar.
- Select Profile.
- Click Edit profile (pencil icon).
- Complete the desired fields for external accounts, in the Main settings
section:
- Skype
- Click Update profile settings.
Private contributions
Introduced in GitLab 11.3.
Enabling private contributions includes contributions to private projects, in the user contribution calendar graph and user recent activity.
To enable private contributions:
- Click on your avatar.
- Select Profile.
- Click Edit profile (pencil icon).
- Check the Private contributions option.
- Click Update profile settings.
Current status
Introduced in GitLab 11.2.
You can provide a custom status message for your user profile along with an emoji that describes it. This may be helpful when you are out of office or otherwise not available. Other users can then take your status into consideration when responding to your issues or assigning work to you. Please be aware that your status is publicly visible even if your profile is private.
Status messages are restricted to 100 characters of plain text.
They may however contain emoji codes such as I'm on vacation :palm_tree:
.
To set your current status:
- Click your avatar.
- Click Set status, or Edit status if you have already set a status.
- Set the desired emoji and/or status message.
- Click Set status. Alternatively, you can click Remove status to remove your user status entirely.
or
- Click your avatar.
- Select Profile.
- Click Edit profile (pencil icon).
- Enter your status message in the Your status text field.
- Click Add status emoji (smiley face), and select the desired emoji.
- Click Update profile settings.
You can also set your current status using the API.
If you previously selected the "Busy" checkbox, remember to deselect it when you become available again.
Busy status indicator
- Introduced in GitLab 13.6.
- It was deployed behind a feature flag, disabled by default.
- Became enabled by default in GitLab 13.8.
- It's enabled on GitLab.com.
- It's not recommended for production use.
- For GitLab self-managed instances, GitLab administrators can opt to disable it.
To indicate to others that you are busy, you can set an indicator
To set the busy status indicator, either:
-
Set it directly:
- Click your avatar.
- Click Set status, or Edit status if you have already set a status.
- Select the Busy checkbox
-
Set it on your profile:
- Click your avatar.
- Select Profile.
- Click Edit profile ({pencil}).
- Select the Busy checkbox
Disable busy status feature
The busy status feature is deployed behind a feature flag and is enabled by default. GitLab administrators with access to the GitLab Rails console can disable it for your instance from the rails console.
To disable it:
Feature.disable(:set_user_availability_status)
To enable it:
Feature.enable(:set_user_availability_status)
Commit email
Introduced in GitLab 11.4.
A commit email is an email address displayed in every Git-related action carried out through the GitLab interface.
Any of your own verified email addresses can be used as the commit email.
To change your commit email:
- Click your avatar.
- Select Profile.
- Click Edit profile (pencil icon).
- Click Commit email dropdown.
- Select any of the verified emails.
- Click Update profile settings.
Private commit email
Introduced in GitLab 11.5.
GitLab provides the user with an automatically generated private commit email option, which allows the user to keep their email information private.
To enable this option:
- Click your avatar.
- Select Profile.
- Click Edit profile (pencil icon).
- Click Commit email dropdown.
- Select Use a private email option.
- Click Update profile settings.
Once this option is enabled, every Git-related action is performed using the private commit email.
To stay fully anonymous, you can also copy this private commit email and configure it on your local machine using the following command:
git config --global user.email <your email address>
Troubleshooting
Why do I keep getting signed out?
When signing in to the main GitLab application, a _gitlab_session
cookie is
set. _gitlab_session
is cleared client-side when you close your browser
and expires after "Application settings -> Session duration (minutes)"/session_expire_delay
(defaults to 10080
minutes = 7 days) of no activity.
When signing in to the main GitLab application, you can also check the
"Remember me" option which sets the remember_user_token
cookie (via devise
).
remember_user_token
expires after
config/initializers/devise.rb
-> config.remember_for
(defaults to 2 weeks).
When the _gitlab_session
expires or isn't available, GitLab uses the remember_user_token
to get you a new _gitlab_session
and keep you signed in through browser restarts.
After your remember_user_token
expires and your _gitlab_session
is cleared/expired,
you are asked to sign in again to verify your identity for security reasons.
NOTE: When any session is signed out, or when a session is revoked via Active Sessions, all Remember me tokens are revoked. While other sessions remain active, the Remember me feature doesn't restore a session if the browser is closed or the existing session expires.
Increased sign-in time
Introduced in GitLab 13.1.
The remember_user_token
lifetime of a cookie can now extend beyond the deadline set by config.remember_for
, as the config.extend_remember_period
flag is now set to true.
GitLab uses both session and persistent cookies:
- Session cookie: Session cookies are normally removed at the end of the browser session when
the browser is closed. The
_gitlab_session
cookie has no fixed expiration date. However, it expires based on itssession_expire_delay
. - Persistent cookie: The
remember_user_token
is a cookie with an expiration date of two weeks. GitLab activates this cookie if you click Remember Me when you sign in.
By default, the server sets a time-to-live (TTL) of 1-week on any session that is used.
When you close a browser, the session cookie may still remain. For example, Chrome has the "Continue where you left off" option that restores session cookies.
In other words, as long as you access GitLab at least once every 2 weeks, you could remain signed in with GitLab, as long as your browser tab is open.
The server continues to reset the TTL for that session, independent of whether 2FA is installed,
If you close your browser and open it up again, the remember_user_token
cookie allows your user to reauthenticate itself.
Without the config.extend_remember_period
flag, you would be forced to sign in again after two weeks.