3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-06-16 17:52:44 +02:00
Code Issues Projects Releases Packages Wiki Activity
pomerium/docs/docs/identity-providers/gitlab.md
Ogundele Olumide e0dd6734d3
an attempt to improve the identity provider docs (#608)
2020-04-13 11:30:29 -07:00

1.7 KiB
Raw Blame History

title lang sidebarDepth meta
GitLab en-US 0
name content
keywords gitlab oidc openid-connect identity-provider

GitLab

This document describes the use of GitLab as an identity provider with Pomerium.

Setting up GitLab OAuth2 for your Application

  1. Log in to your GitLab account or create one here.

  2. Go to the user settings which can be found in the user profile to create an application like below:

create an application

  1. Add a new application by setting the following parameters:
Field Description
Name The name of your web app
Redirect URI https://${authenticate_service_url}/oauth2/callback
Scopes Must select read_user and openid

Your Client ID and Client Secret will be displayed like below:

Gitlab OAuth Client ID and Secret

  1. Set Client ID and Client Secret in Pomerium's settings.

Your configuration should look like the following example:

authenticate_service_url: https://authenticate.localhost.pomerium.io
idp_provider: "gitlab"
idp_client_id: "REDACTED"   // gitlab application ID
idp_client_secret: "REDACTED"   // gitlab application secret

When a user first uses pomerium to login, they will be presented with an authorization screen similar to the following depending on the scope parameters setup:

gitlab access authorization screen

Please be aware that Group ID will be used to affirm group(s) a user belongs to.