This feature is in
Netlify’s Git Gateway connects your site to Git provider’s API, allowing tools like Netlify CMS to work with content, branches, and pull requests on your users’ behalf.
For a working example using Git Gateway with Netlify Identity service and Netlify CMS to let users edit site content without having accounts on GitHub or GitLab, or repository write privileges, try deploying this repository:
After selecting Deploy to Netlify above, you can follow the instructions for adding Identity users to the project. Any Identity users you add will have access to edit site content with Netlify CMS, without a GitHub/GitLab account or access to the repository.
That’s one example of something awesome that you can do with Git Gateway. To add Git Gateway to your existing web projects, check out the instructions below.
If you’re using a custom domain, make sure you have HTTPS working before enabling Git Gateway on your site.
Sites using Git Gateway must have a repository available on GitHub.com or GitLab.com. Self-hosted repositories on a GitHub Enterprise Server or a GitLab self-managed instance aren‘t supported.
# Setup and settings
To get started using Git Gateway on a site, first enable Identity service, then go to Site settings > Identity > Services > Git Gateway, and select Enable Git Gateway. This will automatically provision your site so that Identity users have access to Git Gateway’s selected endpoints on your site’s connected GitHub.com or GitLab.com-hosted repository.
You can change the settings as follows:
- Repository: indicates which repository the Gateway will access (the site’s connected repository). Works with repositories hosted on GitHub.com or GitLab.com only. Self-hosted Git instances aren't supported. This setting is not directly editable.
- Roles: limits Gateway access to Identity users assigned a matching role (in individual Identity user data). Accepts multiple values. Leaving this field blank will give access to all Identity users on the site.
- GitHub/GitLab API access token: grants permission to the linked repository. Use the link to generate a token, or you may supply your own Personal Access Token. Be sure the token is generated for a user with sufficient permission on your linked repository to perform the actions you want to pass through the Gateway.
# Reconnect after changing repository permissions
If you change ownership on your repository, or convert a repository from public to private, you may need to reconnect Git Gateway with proper permissions:
- Go to Site settings > Build & deploy > Continuous Deployment > Build settings to re-link the repository.
- Go to Site settings > Identity > Services > Git Gateway to add a new API access token following the instructions in the section above.
Once the Git Gateway is active, you can talk to your Git provider’s API from your site via
/.netlify/git/<git-provider-name>. Requests will be scoped to the selected repository, so for a request like:
The Gateway will proxy an authenticated version of your request to the matching endpoint in the Git provider’s API:
GitLab path formatting
GitLab’s namespaced path encoding rule requires a url-encoded
%2F between the user and repository names.
The Gateway limits access to the following sub endpoints of the repository:
/repos/:owner/:name/git/ /repos/:owner/:name/contents/ /repos/:owner/:name/pulls/ /repos/:owner/:name/branches/
/repos/:owner/:name/files/ /repos/:owner/:name/commits/ /repos/:owner/:name/tree/
Contact us if you have a use case that requires broader access.
Did you find this doc useful?
Your feedback helps us improve our docs.