5.4 KiB
stage, group, info, title
| stage | group | info | title |
|---|---|---|---|
| Software Supply Chain Security | Authorization | Any user with at least the Maintainer role can merge updates to this content. For details, see https://docs.gitlab.com/development/development_processes/#development-guidelines-review. | Identity verification development |
For information on this feature that are not development-specific, see the feature documentation.
Logging
You can triage and debug issues raised by identity verification with the GitLab production logs.
View logs associated to a user and email verification
To view logs associated to the email stage for a user:
-
Query the GitLab production logs with the following KQL:
json.controller:"RegistrationsIdentityVerificationController" AND json.username:replace_username_here
Valuable debugging information can be found in the json.action and json.location columns.
View logs associated to a user and phone verification
To view logs associated to the phone stage for a user:
-
Query the GitLab production logs with the following KQL:
json.message: "IdentityVerification::Phone" AND json.username:replace_username_here
On rows where json.event is Failed Attempt, you can find valuable debugging information in the json.reason column such as:
| Reason | Description |
|---|---|
invalid_phone_number |
Either there was a typo in the phone number, or the user used a VOIP number. GitLab does not allow users to sign up with non-mobile phone numbers. |
invalid_code |
The user entered an incorrect verification code. |
rate_limited |
The user had 10 or more failed attempts, so they were rate-limited for one hour. |
related_to_banned_user |
The user tried a phone number already related to a banned user. |
View Telesign SMS status update logs
To view Telesign status updates logs for SMS sent to a user, query the GitLab production logs with:
json.message: "IdentityVerification::Phone" AND json.event: "Telesign transaction status update" AND json.username:<username>
Status update logs include the following fields:
| Field | Description |
|---|---|
telesign_status |
Delivery status of the SMS. See the Telesign documentation for possible status codes and their descriptions. |
telesign_status_updated_on |
A timestamp indicating when the SMS delivery status was last updated. |
telesign_errors |
Errors that occurred during delivery. See the Telesign documentation for possible error codes and their descriptions. |
View logs associated to a user and credit card verification
To view logs associated to the credit card stage for a user:
-
Query the GitLab production logs with the following KQL:
json.message: "IdentityVerification::CreditCard" AND json.username:replace_username_here
On rows where json.event is Failed Attempt, you can find valuable debugging information in the json.reason column such as:
| Reason | Description |
|---|---|
rate_limited |
The user had 10 or more failed attempts, so they were rate-limited for one hour. |
related_to_banned_user |
The user tried a credit card number already related to a banned user. |
View logs associated with high-risk users
To view logs associated with the credit card stage for high-risk users:
-
Query the GitLab production logs with the following KQL:
json.controller:"GitlabSubscriptions::SubscriptionsController" AND json.action:"payment_form" AND json.params.value:"cc_registration_validation"
Code walkthrough
For a walkthrough and high level explanation of the code, see Identity Verification - Code walkthrough.
QA Integration
For end-to-end production and staging tests to function properly, GitLab allows QA users to bypass Account email Verification when:
- The
User-Agentfor the request matches the configuredGITLAB_QA_USER_AGENT. - Disable email verification
Additional resources
The Anti-abuse team owns identity verification. You can join our channel on Slack: #g_anti-abuse.
For help with Telesign:
- Telesign/GitLab collaboration channel on Slack: #gitlab-telesign-support
- Telesign support contact:
support@telesign.com - Telesign portal
- Telesign documentation