GitLab CI/CD · Capability

GitLab API — access_requests

GitLab API — access_requests. 8 operations. Lead operation: Gets a list of access requests for a group.. Self-contained Naftiko capability covering one Gitlab Ci business surface.

Run with Naftiko Gitlab Ciaccess_requests

What You Can Do

GET
Getapiv4groupsidaccessrequests — Gets a list of access requests for a group.
/v1/api/v4/groups/{id}/access-requests
POST
Postapiv4groupsidaccessrequests — Requests access for the authenticated user to a group.
/v1/api/v4/groups/{id}/access-requests
DELETE
Deleteapiv4groupsidaccessrequestsuserid — Denies an access request for the given user.
/v1/api/v4/groups/{id}/access-requests/{user-id}
PUT
Putapiv4groupsidaccessrequestsuseridapprove — Approves an access request for the given user.
/v1/api/v4/groups/{id}/access-requests/{user-id}/approve
GET
Getapiv4projectsidaccessrequests — Gets a list of access requests for a project.
/v1/api/v4/projects/{id}/access-requests
POST
Postapiv4projectsidaccessrequests — Requests access for the authenticated user to a project.
/v1/api/v4/projects/{id}/access-requests
DELETE
Deleteapiv4projectsidaccessrequestsuserid — Denies an access request for the given user.
/v1/api/v4/projects/{id}/access-requests/{user-id}
PUT
Putapiv4projectsidaccessrequestsuseridapprove — Approves an access request for the given user.
/v1/api/v4/projects/{id}/access-requests/{user-id}/approve

MCP Tools

gets-list-access-requests-group

Gets a list of access requests for a group.

read-only idempotent
requests-access-authenticated-user-group

Requests access for the authenticated user to a group.

denies-access-request-given-user

Denies an access request for the given user.

idempotent
approves-access-request-given-user

Approves an access request for the given user.

idempotent
gets-list-access-requests-project

Gets a list of access requests for a project.

read-only idempotent
requests-access-authenticated-user-project

Requests access for the authenticated user to a project.

denies-access-request-given-user-2

Denies an access request for the given user.

idempotent
approves-access-request-given-user-2

Approves an access request for the given user.

idempotent

Capability Spec

gitlab-ci-access-requests.yaml Raw ↑ 
naftiko: 1.0.0-alpha2
info:
  label: GitLab API — access_requests
  description: 'GitLab API — access_requests. 8 operations. Lead operation: Gets a list of access requests for a group.. Self-contained
    Naftiko capability covering one Gitlab Ci business surface.'
  tags:
  - Gitlab Ci
  - access_requests
  created: '2026-05-19'
  modified: '2026-05-19'
binds:
- namespace: env
  keys:
    GITLAB_CI_API_KEY: GITLAB_CI_API_KEY
capability:
  consumes:
  - type: http
    namespace: gitlab-ci-access-requests
    baseUri: https://gitlab.com
    description: GitLab API — access_requests business capability. Self-contained, no shared references.
    resources:
    - name: api-v4-groups-id-access_requests
      path: /api/v4/groups/{id}/access_requests
      operations:
      - name: getapiv4groupsidaccessrequests
        method: GET
        description: Gets a list of access requests for a group.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          description: The ID or URL-encoded path of the group owned by the authenticated user
          required: true
        - name: page
          in: query
          type: integer
          description: Current page number
        - name: per_page
          in: query
          type: integer
          description: Number of items per page
      - name: postapiv4groupsidaccessrequests
        method: POST
        description: Requests access for the authenticated user to a group.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          description: The ID or URL-encoded path of the group owned by the authenticated user
          required: true
    - name: api-v4-groups-id-access_requests-user_id
      path: /api/v4/groups/{id}/access_requests/{user_id}
      operations:
      - name: deleteapiv4groupsidaccessrequestsuserid
        method: DELETE
        description: Denies an access request for the given user.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          description: The ID or URL-encoded path of the group owned by the authenticated user
          required: true
        - name: user_id
          in: path
          type: integer
          description: The user ID of the access requester
          required: true
    - name: api-v4-groups-id-access_requests-user_id-approve
      path: /api/v4/groups/{id}/access_requests/{user_id}/approve
      operations:
      - name: putapiv4groupsidaccessrequestsuseridapprove
        method: PUT
        description: Approves an access request for the given user.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          description: The ID or URL-encoded path of the group owned by the authenticated user
          required: true
        - name: user_id
          in: path
          type: integer
          description: The user ID of the access requester
          required: true
        - name: putApiV4GroupsIdAccessRequestsUserIdApprove
          in: body
          type: string
          required: true
    - name: api-v4-projects-id-access_requests
      path: /api/v4/projects/{id}/access_requests
      operations:
      - name: getapiv4projectsidaccessrequests
        method: GET
        description: Gets a list of access requests for a project.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          description: The ID or URL-encoded path of the project owned by the authenticated user
          required: true
        - name: page
          in: query
          type: integer
          description: Current page number
        - name: per_page
          in: query
          type: integer
          description: Number of items per page
      - name: postapiv4projectsidaccessrequests
        method: POST
        description: Requests access for the authenticated user to a project.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          description: The ID or URL-encoded path of the project owned by the authenticated user
          required: true
    - name: api-v4-projects-id-access_requests-user_id
      path: /api/v4/projects/{id}/access_requests/{user_id}
      operations:
      - name: deleteapiv4projectsidaccessrequestsuserid
        method: DELETE
        description: Denies an access request for the given user.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          description: The ID or URL-encoded path of the project owned by the authenticated user
          required: true
        - name: user_id
          in: path
          type: integer
          description: The user ID of the access requester
          required: true
    - name: api-v4-projects-id-access_requests-user_id-approve
      path: /api/v4/projects/{id}/access_requests/{user_id}/approve
      operations:
      - name: putapiv4projectsidaccessrequestsuseridapprove
        method: PUT
        description: Approves an access request for the given user.
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          description: The ID or URL-encoded path of the project owned by the authenticated user
          required: true
        - name: user_id
          in: path
          type: integer
          description: The user ID of the access requester
          required: true
        - name: putApiV4ProjectsIdAccessRequestsUserIdApprove
          in: body
          type: string
          required: true
  exposes:
  - type: rest
    namespace: gitlab-ci-access-requests-rest
    port: 8080
    description: REST adapter for GitLab API — access_requests. One Spectral-compliant resource per consumed operation, prefixed
      with /v1.
    resources:
    - path: /v1/api/v4/groups/{id}/access-requests
      name: api-v4-groups-id-access-requests
      description: REST surface for api-v4-groups-id-access_requests.
      operations:
      - method: GET
        name: getapiv4groupsidaccessrequests
        description: Gets a list of access requests for a group.
        call: gitlab-ci-access-requests.getapiv4groupsidaccessrequests
        with:
          id: rest.id
          page: rest.page
          per_page: rest.per_page
        outputParameters:
        - type: object
          mapping: $.
      - method: POST
        name: postapiv4groupsidaccessrequests
        description: Requests access for the authenticated user to a group.
        call: gitlab-ci-access-requests.postapiv4groupsidaccessrequests
        with:
          id: rest.id
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/v4/groups/{id}/access-requests/{user-id}
      name: api-v4-groups-id-access-requests-user-id
      description: REST surface for api-v4-groups-id-access_requests-user_id.
      operations:
      - method: DELETE
        name: deleteapiv4groupsidaccessrequestsuserid
        description: Denies an access request for the given user.
        call: gitlab-ci-access-requests.deleteapiv4groupsidaccessrequestsuserid
        with:
          id: rest.id
          user_id: rest.user_id
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/v4/groups/{id}/access-requests/{user-id}/approve
      name: api-v4-groups-id-access-requests-user-id-approve
      description: REST surface for api-v4-groups-id-access_requests-user_id-approve.
      operations:
      - method: PUT
        name: putapiv4groupsidaccessrequestsuseridapprove
        description: Approves an access request for the given user.
        call: gitlab-ci-access-requests.putapiv4groupsidaccessrequestsuseridapprove
        with:
          id: rest.id
          user_id: rest.user_id
          putApiV4GroupsIdAccessRequestsUserIdApprove: rest.putApiV4GroupsIdAccessRequestsUserIdApprove
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/v4/projects/{id}/access-requests
      name: api-v4-projects-id-access-requests
      description: REST surface for api-v4-projects-id-access_requests.
      operations:
      - method: GET
        name: getapiv4projectsidaccessrequests
        description: Gets a list of access requests for a project.
        call: gitlab-ci-access-requests.getapiv4projectsidaccessrequests
        with:
          id: rest.id
          page: rest.page
          per_page: rest.per_page
        outputParameters:
        - type: object
          mapping: $.
      - method: POST
        name: postapiv4projectsidaccessrequests
        description: Requests access for the authenticated user to a project.
        call: gitlab-ci-access-requests.postapiv4projectsidaccessrequests
        with:
          id: rest.id
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/v4/projects/{id}/access-requests/{user-id}
      name: api-v4-projects-id-access-requests-user-id
      description: REST surface for api-v4-projects-id-access_requests-user_id.
      operations:
      - method: DELETE
        name: deleteapiv4projectsidaccessrequestsuserid
        description: Denies an access request for the given user.
        call: gitlab-ci-access-requests.deleteapiv4projectsidaccessrequestsuserid
        with:
          id: rest.id
          user_id: rest.user_id
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/v4/projects/{id}/access-requests/{user-id}/approve
      name: api-v4-projects-id-access-requests-user-id-approve
      description: REST surface for api-v4-projects-id-access_requests-user_id-approve.
      operations:
      - method: PUT
        name: putapiv4projectsidaccessrequestsuseridapprove
        description: Approves an access request for the given user.
        call: gitlab-ci-access-requests.putapiv4projectsidaccessrequestsuseridapprove
        with:
          id: rest.id
          user_id: rest.user_id
          putApiV4ProjectsIdAccessRequestsUserIdApprove: rest.putApiV4ProjectsIdAccessRequestsUserIdApprove
        outputParameters:
        - type: object
          mapping: $.
  - type: mcp
    namespace: gitlab-ci-access-requests-mcp
    port: 9090
    transport: http
    description: MCP adapter for GitLab API — access_requests. One tool per consumed operation, routed inline through this
      capability's consumes block.
    tools:
    - name: gets-list-access-requests-group
      description: Gets a list of access requests for a group.
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: gitlab-ci-access-requests.getapiv4groupsidaccessrequests
      with:
        id: tools.id
        page: tools.page
        per_page: tools.per_page
      outputParameters:
      - type: object
        mapping: $.
    - name: requests-access-authenticated-user-group
      description: Requests access for the authenticated user to a group.
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: gitlab-ci-access-requests.postapiv4groupsidaccessrequests
      with:
        id: tools.id
      outputParameters:
      - type: object
        mapping: $.
    - name: denies-access-request-given-user
      description: Denies an access request for the given user.
      hints:
        readOnly: false
        destructive: true
        idempotent: true
      call: gitlab-ci-access-requests.deleteapiv4groupsidaccessrequestsuserid
      with:
        id: tools.id
        user_id: tools.user_id
      outputParameters:
      - type: object
        mapping: $.
    - name: approves-access-request-given-user
      description: Approves an access request for the given user.
      hints:
        readOnly: false
        destructive: false
        idempotent: true
      call: gitlab-ci-access-requests.putapiv4groupsidaccessrequestsuseridapprove
      with:
        id: tools.id
        user_id: tools.user_id
        putApiV4GroupsIdAccessRequestsUserIdApprove: tools.putApiV4GroupsIdAccessRequestsUserIdApprove
      outputParameters:
      - type: object
        mapping: $.
    - name: gets-list-access-requests-project
      description: Gets a list of access requests for a project.
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: gitlab-ci-access-requests.getapiv4projectsidaccessrequests
      with:
        id: tools.id
        page: tools.page
        per_page: tools.per_page
      outputParameters:
      - type: object
        mapping: $.
    - name: requests-access-authenticated-user-project
      description: Requests access for the authenticated user to a project.
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: gitlab-ci-access-requests.postapiv4projectsidaccessrequests
      with:
        id: tools.id
      outputParameters:
      - type: object
        mapping: $.
    - name: denies-access-request-given-user-2
      description: Denies an access request for the given user.
      hints:
        readOnly: false
        destructive: true
        idempotent: true
      call: gitlab-ci-access-requests.deleteapiv4projectsidaccessrequestsuserid
      with:
        id: tools.id
        user_id: tools.user_id
      outputParameters:
      - type: object
        mapping: $.
    - name: approves-access-request-given-user-2
      description: Approves an access request for the given user.
      hints:
        readOnly: false
        destructive: false
        idempotent: true
      call: gitlab-ci-access-requests.putapiv4projectsidaccessrequestsuseridapprove
      with:
        id: tools.id
        user_id: tools.user_id
        putApiV4ProjectsIdAccessRequestsUserIdApprove: tools.putApiV4ProjectsIdAccessRequestsUserIdApprove
      outputParameters:
      - type: object
        mapping: $.