Merge request approvals API (PREMIUM)
Configuration for approvals on all merge requests in the project. Must be authenticated for all endpoints.
Project-level MR approvals
Get Configuration
Moved to GitLab Premium in 13.9.
You can request information about a project's approval configuration using the following endpoint:
GET /projects/:id/approvalsParameters:
| Attribute | Type | Required | Description |
|---|---|---|---|
id |
integer or string | yes | The ID or URL-encoded path of a project |
{
"approvals_before_merge": 2,
"reset_approvals_on_push": true,
"disable_overriding_approvers_per_merge_request": false,
"merge_requests_author_approval": true,
"merge_requests_disable_committers_approval": false,
"require_password_to_approve": true
}Change configuration
Moved to GitLab Premium in 13.9.
If you are allowed to, you can change approval configuration using the following endpoint:
POST /projects/:id/approvalsParameters:
| Attribute | Type | Required | Description |
|---|---|---|---|
id |
integer or string | yes | The ID or URL-encoded path of a project |
approvals_before_merge |
integer | no | How many approvals are required before an MR can be merged. Deprecated in 12.0 in favor of Approval Rules API. |
reset_approvals_on_push |
boolean | no | Reset approvals on a new push |
disable_overriding_approvers_per_merge_request |
boolean | no | Allow or prevent overriding approvers per MR |
merge_requests_author_approval |
boolean | no | Allow or prevent authors from self approving merge requests; true means authors can self approve |
merge_requests_disable_committers_approval |
boolean | no | Allow or prevent committers from self approving merge requests |
require_password_to_approve |
boolean | no | Require approver to enter a password to authenticate before adding the approval |
{
"approvals_before_merge": 2,
"reset_approvals_on_push": true,
"disable_overriding_approvers_per_merge_request": false,
"merge_requests_author_approval": false,
"merge_requests_disable_committers_approval": false,
"require_password_to_approve": true
}Get project-level rules
- Introduced in GitLab 12.3.
- Moved to GitLab Premium in 13.9.
protected_branchesproperty was introduced in GitLab 12.7.
You can request information about a project's approval rules using the following endpoint:
GET /projects/:id/approval_rulesParameters:
| Attribute | Type | Required | Description |
|---|---|---|---|
id |
integer or string | yes | The ID or URL-encoded path of a project |
[
{
"id": 1,
"name": "security",
"rule_type": "regular",
"eligible_approvers": [
{
"id": 5,
"name": "John Doe",
"username": "jdoe",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon",
"web_url": "http://localhost/jdoe"
},
{
"id": 50,
"name": "Group Member 1",
"username": "group_member_1",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon",
"web_url": "http://localhost/group_member_1"
}
],
"approvals_required": 3,
"users": [
{
"id": 5,
"name": "John Doe",
"username": "jdoe",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon",
"web_url": "http://localhost/jdoe"
}
],
"groups": [
{
"id": 5,
"name": "group1",
"path": "group1",
"description": "",
"visibility": "public",
"lfs_enabled": false,
"avatar_url": null,
"web_url": "http://localhost/groups/group1",
"request_access_enabled": false,
"full_name": "group1",
"full_path": "group1",
"parent_id": null,
"ldap_cn": null,
"ldap_access": null
}
],
"protected_branches": [
{
"id": 1,
"name": "master",
"push_access_levels": [
{
"access_level": 30,
"access_level_description": "Developers + Maintainers"
}
],
"merge_access_levels": [
{
"access_level": 30,
"access_level_description": "Developers + Maintainers"
}
],
"unprotect_access_levels": [
{
"access_level": 40,
"access_level_description": "Maintainers"
}
],
"code_owner_approval_required": "false"
}
],
"contains_hidden_groups": false
}
]Get a single project-level rule
Introduced in GitLab 13.7.
You can request information about a single project approval rules using the following endpoint:
GET /projects/:id/approval_rules/:approval_rule_idParameters:
| Attribute | Type | Required | Description |
|---|---|---|---|
id |
integer or string | yes | The ID or URL-encoded path of a project |
approval_rule_id |
integer | yes | The ID of a approval rule |
{
"id": 1,
"name": "security",
"rule_type": "regular",
"eligible_approvers": [
{
"id": 5,
"name": "John Doe",
"username": "jdoe",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon",
"web_url": "http://localhost/jdoe"
},
{
"id": 50,
"name": "Group Member 1",
"username": "group_member_1",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon",
"web_url": "http://localhost/group_member_1"
}
],
"approvals_required": 3,
"users": [
{
"id": 5,
"name": "John Doe",
"username": "jdoe",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon",
"web_url": "http://localhost/jdoe"
}
],
"groups": [
{
"id": 5,
"name": "group1",
"path": "group1",
"description": "",
"visibility": "public",
"lfs_enabled": false,
"avatar_url": null,
"web_url": "http://localhost/groups/group1",
"request_access_enabled": false,
"full_name": "group1",
"full_path": "group1",
"parent_id": null,
"ldap_cn": null,
"ldap_access": null
}
],
"protected_branches": [
{
"id": 1,
"name": "master",
"push_access_levels": [
{
"access_level": 30,
"access_level_description": "Developers + Maintainers"
}
],
"merge_access_levels": [
{
"access_level": 30,
"access_level_description": "Developers + Maintainers"
}
],
"unprotect_access_levels": [
{
"access_level": 40,
"access_level_description": "Maintainers"
}
],
"code_owner_approval_required": "false"
}
],
"contains_hidden_groups": false
}Create project-level rule
- Introduced in GitLab 12.3.
- Moved to GitLab Premium in 13.9.
WARNING: The Vulnerability-Check feature, including the Vulnerability-Check attributes listed here, is in its end-of-life process. It is deprecated in GitLab 14.8, and is planned for removal in GitLab 15.0. Users should migrate to the new Security Approval Policies.
You can create project approval rules using the following endpoint:
POST /projects/:id/approval_rulesParameters:
| Attribute | Type | Required | Description |
|---|---|---|---|
id |
integer or string | yes | The ID or URL-encoded path of a project |
name |
string | yes | The name of the approval rule |
approvals_required |
integer | yes | The number of required approvals for this rule |
rule_type |
string | no | The type of rule. any_approver is a pre-configured default rule with approvals_required at 0. Other rules are regular. |
user_ids |
Array | no | The ids of users as approvers |
group_ids |
Array | no | The ids of groups as approvers |
protected_branch_ids |
Array | no | The IDs of protected branches to scope the rule by. To identify the ID, use the API. |
report_type |
string | no | The report type required when the rule type is report_approver. The supported report types are: vulnerability, license_scanning, code_coverage. The vulnerability report type is part of the Vulnerability-Check feature, which deprecated in GitLab 14.8, and planned for removal in GitLab 15.0. |
scanners |
Array | no | The security scanners the Vulnerability-Check approval rule considers. The supported scanners are: sast, secret_detection, dependency_scanning, container_scanning, dast, coverage_fuzzing, api_fuzzing. Defaults to all supported scanners. Deprecated in GitLab 14.8, and planned for removal in GitLab 15.0. |
severity_levels |
Array | no | The severity levels the Vulnerability-Check approval rule considers. The supported severity levels are: info, unknown, low, medium, high, critical. Defaults to unknown, high, and critical. Deprecated in GitLab 14.8, and planned for removal in GitLab 15.0. |
vulnerabilities_allowed |
integer | no | The number of vulnerabilities allowed for the Vulnerability-Check approval rule. Defaults to 0. Deprecated in GitLab 14.8, and planned for removal in GitLab 15.0. |
vulnerability_states |
Array | no | The vulnerability states the Vulnerability-Check approval rule considers. The supported vulnerability states are: newly_detected (default), detected, confirmed, resolved, dismissed. Deprecated in GitLab 14.8, and planned for removal in GitLab 15.0. |
{
"id": 1,
"name": "security",
"rule_type": "regular",
"eligible_approvers": [
{
"id": 2,
"name": "John Doe",
"username": "jdoe",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon",
"web_url": "http://localhost/jdoe"
},
{
"id": 50,
"name": "Group Member 1",
"username": "group_member_1",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon",
"web_url": "http://localhost/group_member_1"
}
],
"approvals_required": 1,
"users": [
{
"id": 2,
"name": "John Doe",
"username": "jdoe",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon",
"web_url": "http://localhost/jdoe"
}
],
"groups": [
{
"id": 5,
"name": "group1",
"path": "group1",
"description": "",
"visibility": "public",
"lfs_enabled": false,
"avatar_url": null,
"web_url": "http://localhost/groups/group1",
"request_access_enabled": false,
"full_name": "group1",
"full_path": "group1",
"parent_id": null,
"ldap_cn": null,
"ldap_access": null
}
],
"protected_branches": [
{
"id": 1,
"name": "master",
"push_access_levels": [
{
"access_level": 30,
"access_level_description": "Developers + Maintainers"
}
],
"merge_access_levels": [
{
"access_level": 30,
"access_level_description": "Developers + Maintainers"
}
],
"unprotect_access_levels": [
{
"access_level": 40,
"access_level_description": "Maintainers"
}
],
"code_owner_approval_required": "false"
}
],
"contains_hidden_groups": false
}You can increase the default number of 0 required approvers like this:
curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" \
--header 'Content-Type: application/json' \
--data '{"name": "Any name", "rule_type": "any_approver", "approvals_required": 2}'Another example is creating an additional, user-specific rule:
curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" \
--header 'Content-Type: application/json' \
--data '{"name": "Name of your rule", "approvals_required": 3, "user_ids": [123, 456, 789]}' \
https://gitlab.example.com/api/v4/projects/<project_id>/approval_rulesUpdate project-level rule
- Introduced in GitLab 12.3.
- Moved to GitLab Premium in 13.9.
WARNING: The Vulnerability-Check feature, including the Vulnerability-Check attributes listed here, is in its end-of-life process. It is deprecated in GitLab 14.8, and is planned for removal in GitLab 15.0. Users should migrate to the new Security Approval Policies.
You can update project approval rules using the following endpoint:
PUT /projects/:id/approval_rules/:approval_rule_idImportant: Approvers and groups not in the users/groups parameters are removed
Parameters:
| Attribute | Type | Required | Description |
|---|---|---|---|
id |
integer or string | yes | The ID or URL-encoded path of a project |
approval_rule_id |
integer | yes | The ID of a approval rule |
name |
string | yes | The name of the approval rule |
approvals_required |
integer | yes | The number of required approvals for this rule |
user_ids |
Array | no | The ids of users as approvers |
group_ids |
Array | no | The ids of groups as approvers |
protected_branch_ids |
Array | no | The IDs of protected branches to scope the rule by. To identify the ID, use the API. |
scanners |
Array | no | The security scanners the Vulnerability-Check approval rule considers. The supported scanners are: sast, secret_detection, dependency_scanning, container_scanning, dast, coverage_fuzzing, api_fuzzing. Defaults to all supported scanners. Deprecated in GitLab 14.8, and planned for removal in GitLab 15.0. |
severity_levels |
Array | no | The severity levels the Vulnerability-Check approval rule considers. The supported severity levels are: info, unknown, low, medium, high, critical. Defaults to unknown, high, and critical. Deprecated in GitLab 14.8, and planned for removal in GitLab 15.0. |
vulnerabilities_allowed |
integer | no | The number of vulnerabilities allowed for the Vulnerability-Check approval rule. Defaults to 0. Deprecated in GitLab 14.8, and planned for removal in GitLab 15.0. |
vulnerability_states |
Array | no | The vulnerability states the Vulnerability-Check approval rule considers. The supported vulnerability states are: newly_detected (default), detected, confirmed, resolved, dismissed. Deprecated in GitLab 14.8, and planned for removal in GitLab 15.0. |
{
"id": 1,
"name": "security",
"rule_type": "regular",
"eligible_approvers": [
{
"id": 2,
"name": "John Doe",
"username": "jdoe",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon",
"web_url": "http://localhost/jdoe"
},
{
"id": 50,
"name": "Group Member 1",
"username": "group_member_1",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon",
"web_url": "http://localhost/group_member_1"
}
],
"approvals_required": 1,
"users": [
{
"id": 2,
"name": "John Doe",
"username": "jdoe",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon",
"web_url": "http://localhost/jdoe"
}
],
"groups": [
{
"id": 5,
"name": "group1",
"path": "group1",
"description": "",
"visibility": "public",
"lfs_enabled": false,
"avatar_url": null,
"web_url": "http://localhost/groups/group1",
"request_access_enabled": false,
"full_name": "group1",
"full_path": "group1",
"parent_id": null,
"ldap_cn": null,
"ldap_access": null
}
],
"protected_branches": [
{
"id": 1,
"name": "master",
"push_access_levels": [
{
"access_level": 30,
"access_level_description": "Developers + Maintainers"
}
],
"merge_access_levels": [
{
"access_level": 30,
"access_level_description": "Developers + Maintainers"
}
],
"unprotect_access_levels": [
{
"access_level": 40,
"access_level_description": "Maintainers"
}
],
"code_owner_approval_required": "false"
}
],
"contains_hidden_groups": false
}Delete project-level rule
- Introduced in GitLab 12.3.
- Moved to GitLab Premium in 13.9.
You can delete project approval rules using the following endpoint:
DELETE /projects/:id/approval_rules/:approval_rule_idParameters:
| Attribute | Type | Required | Description |
|---|---|---|---|
id |
integer or string | yes | The ID or URL-encoded path of a project |
approval_rule_id |
integer | yes | The ID of a approval rule |
Merge request-level MR approvals
Configuration for approvals on a specific merge request. Must be authenticated for all endpoints.
Get Configuration
Moved to GitLab Premium in 13.9.
You can request information about a merge request's approval status using the following endpoint:
GET /projects/:id/merge_requests/:merge_request_iid/approvalsParameters:
| Attribute | Type | Required | Description |
|---|---|---|---|
id |
integer or string | yes | The ID or URL-encoded path of a project |
merge_request_iid |
integer | yes | The IID of MR |
{
"id": 5,
"iid": 5,
"project_id": 1,
"title": "Approvals API",
"description": "Test",
"state": "opened",
"created_at": "2016-06-08T00:19:52.638Z",
"updated_at": "2016-06-08T21:20:42.470Z",
"merge_status": "cannot_be_merged",
"approvals_required": 2,
"approvals_left": 1,
"approved_by": [
{
"user": {
"name": "Administrator",
"username": "root",
"id": 1,
"state": "active",
"avatar_url": "http://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=80\u0026d=identicon",
"web_url": "http://localhost:3000/root"
}
}
]
}Change approval configuration
Moved to GitLab Premium in 13.9.
If you are allowed to, you can change approvals_required using the following
endpoint:
POST /projects/:id/merge_requests/:merge_request_iid/approvalsParameters:
| Attribute | Type | Required | Description |
|---|---|---|---|
id |
integer or string | yes | The ID or URL-encoded path of a project |
merge_request_iid |
integer | yes | The IID of MR |
approvals_required |
integer | yes | Approvals required before MR can be merged. Deprecated in 12.0 in favor of Approval Rules API. |
{
"id": 5,
"iid": 5,
"project_id": 1,
"title": "Approvals API",
"description": "Test",
"state": "opened",
"created_at": "2016-06-08T00:19:52.638Z",
"updated_at": "2016-06-08T21:20:42.470Z",
"merge_status": "cannot_be_merged",
"approvals_required": 2,
"approvals_left": 2,
"approved_by": []
}Get the approval state of merge requests
- Introduced in GitLab 12.3.
- Moved to GitLab Premium in 13.9.
You can request information about a merge request's approval state by using the following endpoint:
GET /projects/:id/merge_requests/:merge_request_iid/approval_stateThe approval_rules_overwritten are true if the merge request level rules
are created for the merge request. If there are none, it is false.
This includes additional information about the users who have already approved
(approved_by) and whether a rule is already approved (approved).
Parameters:
| Attribute | Type | Required | Description |
|---|---|---|---|
id |
integer or string | yes | The ID or URL-encoded path of a project |
merge_request_iid |
integer | yes | The IID of MR |
{
"approval_rules_overwritten": true,
"rules": [
{
"id": 1,
"name": "Ruby",
"rule_type": "regular",
"eligible_approvers": [
{
"id": 4,
"name": "John Doe",
"username": "jdoe",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon",
"web_url": "http://localhost/jdoe"
}
],
"approvals_required": 2,
"users": [
{
"id": 4,
"name": "John Doe",
"username": "jdoe",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon",
"web_url": "http://localhost/jdoe"
}
],
"groups": [],
"contains_hidden_groups": false,
"approved_by": [
{
"id": 4,
"name": "John Doe",
"username": "jdoe",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon",
"web_url": "http://localhost/jdoe"
}
],
"source_rule": null,
"approved": true,
"overridden": false
}
]
}Get merge request level rules
- Introduced in GitLab 12.3.
- Moved to GitLab Premium in 13.9.
You can request information about a merge request's approval rules using the following endpoint:
GET /projects/:id/merge_requests/:merge_request_iid/approval_rulesParameters:
| Attribute | Type | Required | Description |
|---|---|---|---|
id |
integer or string | yes | The ID or URL-encoded path of a project |
merge_request_iid |
integer | yes | The IID of MR |
[
{
"id": 1,
"name": "security",
"rule_type": "regular",
"eligible_approvers": [
{
"id": 5,
"name": "John Doe",
"username": "jdoe",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon",
"web_url": "http://localhost/jdoe"
},
{
"id": 50,
"name": "Group Member 1",
"username": "group_member_1",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon",
"web_url": "http://localhost/group_member_1"
}
],
"approvals_required": 3,
"source_rule": null,
"users": [
{
"id": 5,
"name": "John Doe",
"username": "jdoe",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon",
"web_url": "http://localhost/jdoe"
}
],
"groups": [
{
"id": 5,
"name": "group1",
"path": "group1",
"description": "",
"visibility": "public",
"lfs_enabled": false,
"avatar_url": null,
"web_url": "http://localhost/groups/group1",
"request_access_enabled": false,
"full_name": "group1",
"full_path": "group1",
"parent_id": null,
"ldap_cn": null,
"ldap_access": null
}
],
"contains_hidden_groups": false,
"overridden": false
}
]Get a single merge request level rule
Introduced in GitLab 14.10.
You can request information about a single merge request approval rule using the following endpoint:
GET /projects/:id/merge_requests/:merge_request_iid/approval_rules/:approval_rule_idParameters:
| Attribute | Type | Required | Description |
|---|---|---|---|
id |
integer or string | yes | The ID or URL-encoded path of a project. |
merge_request_iid |
integer | yes | The IID of a merge request. |
approval_rule_id |
integer | yes | The ID of an approval rule. |
{
"id": 1,
"name": "security",
"rule_type": "regular",
"eligible_approvers": [
{
"id": 5,
"name": "John Doe",
"username": "jdoe",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon",
"web_url": "http://localhost/jdoe"
},
{
"id": 50,
"name": "Group Member 1",
"username": "group_member_1",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon",
"web_url": "http://localhost/group_member_1"
}
],
"approvals_required": 3,
"source_rule": null,
"users": [
{
"id": 5,
"name": "John Doe",
"username": "jdoe",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon",
"web_url": "http://localhost/jdoe"
}
],
"groups": [
{
"id": 5,
"name": "group1",
"path": "group1",
"description": "",
"visibility": "public",
"lfs_enabled": false,
"avatar_url": null,
"web_url": "http://localhost/groups/group1",
"request_access_enabled": false,
"full_name": "group1",
"full_path": "group1",
"parent_id": null,
"ldap_cn": null,
"ldap_access": null
}
],
"contains_hidden_groups": false,
"overridden": false
}Create merge request level rule
- Introduced in GitLab 12.3.
- Moved to GitLab Premium in 13.9.
You can create merge request approval rules using the following endpoint:
POST /projects/:id/merge_requests/:merge_request_iid/approval_rulesParameters:
| Attribute | Type | Required | Description |
|---|---|---|---|
id |
integer or string | yes | The ID or URL-encoded path of a project |
merge_request_iid |
integer | yes | The IID of MR |
name |
string | yes | The name of the approval rule |
approvals_required |
integer | yes | The number of required approvals for this rule |
approval_project_rule_id |
integer | no | The ID of a project-level approval rule |
user_ids |
Array | no | The ids of users as approvers |
group_ids |
Array | no | The ids of groups as approvers |
Important: When approval_project_rule_id is set, the name, users and
groups of project-level rule are copied. The approvals_required specified
is used.
{
"id": 1,
"name": "security",
"rule_type": "regular",
"eligible_approvers": [
{
"id": 2,
"name": "John Doe",
"username": "jdoe",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon",
"web_url": "http://localhost/jdoe"
},
{
"id": 50,
"name": "Group Member 1",
"username": "group_member_1",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon",
"web_url": "http://localhost/group_member_1"
}
],
"approvals_required": 1,
"source_rule": null,
"users": [
{
"id": 2,
"name": "John Doe",
"username": "jdoe",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon",
"web_url": "http://localhost/jdoe"
}
],
"groups": [
{
"id": 5,
"name": "group1",
"path": "group1",
"description": "",
"visibility": "public",
"lfs_enabled": false,
"avatar_url": null,
"web_url": "http://localhost/groups/group1",
"request_access_enabled": false,
"full_name": "group1",
"full_path": "group1",
"parent_id": null,
"ldap_cn": null,
"ldap_access": null
}
],
"contains_hidden_groups": false,
"overridden": false
}Update merge request level rule
- Introduced in GitLab 12.3.
- Moved to GitLab Premium in 13.9.
You can update merge request approval rules using the following endpoint:
PUT /projects/:id/merge_requests/:merge_request_iid/approval_rules/:approval_rule_idImportant: Approvers and groups not in the users/groups parameters are removed
Important: Updating a report_approver or code_owner rule is not allowed.
These are system generated rules.
Parameters:
| Attribute | Type | Required | Description |
|---|---|---|---|
id |
integer or string | yes | The ID or URL-encoded path of a project. |
merge_request_iid |
integer | yes | The IID of a merge request. |
approval_rule_id |
integer | yes | The ID of an approval rule. |
name |
string | yes | The name of the approval rule. |
approvals_required |
integer | yes | The number of required approvals for this rule. |
user_ids |
Array | no | The IDs of users as approvers. |
group_ids |
Array | no | The IDs of groups as approvers. |
{
"id": 1,
"name": "security",
"rule_type": "regular",
"eligible_approvers": [
{
"id": 2,
"name": "John Doe",
"username": "jdoe",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon",
"web_url": "http://localhost/jdoe"
},
{
"id": 50,
"name": "Group Member 1",
"username": "group_member_1",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon",
"web_url": "http://localhost/group_member_1"
}
],
"approvals_required": 1,
"source_rule": null,
"users": [
{
"id": 2,
"name": "John Doe",
"username": "jdoe",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/0?s=80&d=identicon",
"web_url": "http://localhost/jdoe"
}
],
"groups": [
{
"id": 5,
"name": "group1",
"path": "group1",
"description": "",
"visibility": "public",
"lfs_enabled": false,
"avatar_url": null,
"web_url": "http://localhost/groups/group1",
"request_access_enabled": false,
"full_name": "group1",
"full_path": "group1",
"parent_id": null,
"ldap_cn": null,
"ldap_access": null
}
],
"contains_hidden_groups": false,
"overridden": false
}Delete merge request level rule
- Introduced in GitLab 12.3.
- Moved to GitLab Premium in 13.9.
You can delete merge request approval rules using the following endpoint:
DELETE /projects/:id/merge_requests/:merge_request_iid/approval_rules/:approval_rule_idImportant: Deleting a report_approver or code_owner rule is not allowed.
These are system generated rules.
Parameters:
| Attribute | Type | Required | Description |
|---|---|---|---|
id |
integer or string | yes | The ID or URL-encoded path of a project |
merge_request_iid |
integer | yes | The IID of the merge request |
approval_rule_id |
integer | yes | The ID of an approval rule |
Approve merge request
Moved to GitLab Premium in 13.9.
If you are allowed to, you can approve a merge request using the following endpoint:
POST /projects/:id/merge_requests/:merge_request_iid/approveParameters:
| Attribute | Type | Required | Description |
|---|---|---|---|
id |
integer or string | yes | The ID or URL-encoded path of a project |
merge_request_iid |
integer | yes | The IID of the merge request |
sha |
string | no | The HEAD of the merge request |
approval_password |
string | no | Current user's password. Required if Require user password to approve is enabled in the project settings. |
The sha parameter works in the same way as
when accepting a merge request: if it is passed, then it must
match the current HEAD of the merge request for the approval to be added. If it
does not match, the response code is 409.
{
"id": 5,
"iid": 5,
"project_id": 1,
"title": "Approvals API",
"description": "Test",
"state": "opened",
"created_at": "2016-06-08T00:19:52.638Z",
"updated_at": "2016-06-09T21:32:14.105Z",
"merge_status": "can_be_merged",
"approvals_required": 2,
"approvals_left": 0,
"approved_by": [
{
"user": {
"name": "Administrator",
"username": "root",
"id": 1,
"state": "active",
"avatar_url": "http://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=80\u0026d=identicon",
"web_url": "http://localhost:3000/root"
}
},
{
"user": {
"name": "Nico Cartwright",
"username": "ryley",
"id": 2,
"state": "active",
"avatar_url": "http://www.gravatar.com/avatar/cf7ad14b34162a76d593e3affca2adca?s=80\u0026d=identicon",
"web_url": "http://localhost:3000/ryley"
}
}
]
}Unapprove merge request
Moved to GitLab Premium in 13.9.
If you did approve a merge request, you can unapprove it using the following endpoint:
POST /projects/:id/merge_requests/:merge_request_iid/unapproveParameters:
| Attribute | Type | Required | Description |
|---|---|---|---|
id |
integer or string | yes | The ID or URL-encoded path of a project |
merge_request_iid |
integer | yes | The IID of a merge request |