Commit 10e4e211 authored by Sytse Sijbrandij's avatar Sytse Sijbrandij

Improve the explanation and linking of the Oauth docs.

parent 5555c4d9
...@@ -10,6 +10,7 @@ ...@@ -10,6 +10,7 @@
- [SSH](ssh/README.md) Setup your ssh keys and deploy keys for secure access to your projects. - [SSH](ssh/README.md) Setup your ssh keys and deploy keys for secure access to your projects.
- [Web hooks](web_hooks/web_hooks.md) Let GitLab notify you when new code has been pushed to your project. - [Web hooks](web_hooks/web_hooks.md) Let GitLab notify you when new code has been pushed to your project.
- [Workflow](workflow/README.md) Using GitLab functionality and importing projects from GitHub and SVN. - [Workflow](workflow/README.md) Using GitLab functionality and importing projects from GitHub and SVN.
- [OAuth2 provider](integration/oauth_provider.md) to allow you to login to other applications from GitLab.
## Administrator documentation ## Administrator documentation
......
...@@ -22,6 +22,7 @@ ...@@ -22,6 +22,7 @@
## Clients ## Clients
Find API Clients for GitLab [on our website](https://about.gitlab.com/applications/#api-clients). Find API Clients for GitLab [on our website](https://about.gitlab.com/applications/#api-clients).
You can use [GitLab as an OAuth2 client](oauth2.md) to make API calls.
## Introduction ## Introduction
...@@ -67,7 +68,7 @@ curl https://localhost:3000/api/v3/user?access_token=OAUTH-TOKEN ...@@ -67,7 +68,7 @@ curl https://localhost:3000/api/v3/user?access_token=OAUTH-TOKEN
curl -H "Authorization: Bearer OAUTH-TOKEN" https://localhost:3000/api/v3/user curl -H "Authorization: Bearer OAUTH-TOKEN" https://localhost:3000/api/v3/user
``` ```
Read more about [OAuth2 in GitLab](oauth2.md). Read more about [GitLab as an OAuth2 client](oauth2.md).
## Status codes ## Status codes
......
# OAuth2 authentication # GitLab as an OAuth2 client
OAuth2 is a protocol that enables us to get access to private details of user's account without getting its password. This document is about using other OAuth authentication service providers to sign into GitLab.
If you want GitLab to be an OAuth authentication service provider to sign into other services please see the [Oauth2 provider documentation](../integration/oauth_provider.md).
Before using the OAuth2 you should create an application in user's account. Each application getting unique App ID and App Secret parameters. You should not share them. OAuth2 is a protocol that enables us to authenticate a user without requiring them to give their password.
Before using the OAuth2 you should create an application in user's account. Each application gets a unique App ID and App Secret parameters. You should not share these.
This functionality is based on [doorkeeper gem](https://github.com/doorkeeper-gem/doorkeeper) This functionality is based on [doorkeeper gem](https://github.com/doorkeeper-gem/doorkeeper)
## Web Application Flow ## Web Application Flow
This flow is using for authentication from third-party web sites and probably is most used. This flow is using for authentication from third-party web sites and is probably used the most.
It basically consists of an exchange of an authorization token for an access token. For more detailed info, check out the [RFC spec here](http://tools.ietf.org/html/rfc6749#section-4.1) It basically consists of an exchange of an authorization token for an access token. For more detailed info, check out the [RFC spec here](http://tools.ietf.org/html/rfc6749#section-4.1)
This flow consists from 3 steps. This flow consists from 3 steps.
......
...@@ -8,9 +8,8 @@ See the documentation below for details on how to configure these services. ...@@ -8,9 +8,8 @@ See the documentation below for details on how to configure these services.
- [LDAP](ldap.md) Set up sign in via LDAP - [LDAP](ldap.md) Set up sign in via LDAP
- [OmniAuth](omniauth.md) Sign in via Twitter, GitHub, GitLab, and Google via OAuth. - [OmniAuth](omniauth.md) Sign in via Twitter, GitHub, GitLab, and Google via OAuth.
- [Slack](slack.md) Integrate with the Slack chat service - [Slack](slack.md) Integrate with the Slack chat service
- [OAuth2 provider](oauth_provider.md) OAuth2 application creation
Jenkins support is [available in GitLab EE](http://doc.gitlab.com/ee/integration/jenkins.html). GitLab Enterprise Edition contains [advanced JIRA support](http://doc.gitlab.com/ee/integration/jira.html) and [advanced Jenkins support](http://doc.gitlab.com/ee/integration/jenkins.html).
## Project services ## Project services
......
...@@ -8,6 +8,8 @@ GitLab has a great issue tracker but you can also use an external issue tracker ...@@ -8,6 +8,8 @@ GitLab has a great issue tracker but you can also use an external issue tracker
![Jira screenshot](jira-integration-points.png) ![Jira screenshot](jira-integration-points.png)
GitLab Enterprise Edition contains [advanced JIRA support](http://doc.gitlab.com/ee/integration/jira.html).
## Configuration ## Configuration
### Project Service ### Project Service
...@@ -23,7 +25,6 @@ Fill in the required details on the page: ...@@ -23,7 +25,6 @@ Fill in the required details on the page:
* `issues_url` The URL to the issue in Redmine project that is linked to this GitLab project. Note that the `issues_url` requires `:id` in the url. This id is used by GitLab as a placeholder to replace the issue number. * `issues_url` The URL to the issue in Redmine project that is linked to this GitLab project. Note that the `issues_url` requires `:id` in the url. This id is used by GitLab as a placeholder to replace the issue number.
* `new_issue_url` This is the URL to create a new issue in Redmine for the project linked to this GitLab project. * `new_issue_url` This is the URL to create a new issue in Redmine for the project linked to this GitLab project.
### Service Template ### Service Template
It is necessary to configure the external issue tracker per project, because project specific details are needed for the integration with GitLab. It is necessary to configure the external issue tracker per project, because project specific details are needed for the integration with GitLab.
......
## GitLab as OAuth2 provider ## GitLab as OAuth2 authentication service provider
This document is about using GitLab as an OAuth authentication service provider to sign into other services.
If you want to use other OAuth authentication service providers to sign into GitLab please see the [OAuth2 client documentation](../api/oauth2.md)
OAuth2 provides client applications a 'secure delegated access' to server resources on behalf of a resource owner. Or you can allow users to sign in to your application with their GitLab.com account. OAuth2 provides client applications a 'secure delegated access' to server resources on behalf of a resource owner. Or you can allow users to sign in to your application with their GitLab.com account.
In fact OAuth allows to issue access token to third-party clients by an authorization server, In fact OAuth allows to issue access token to third-party clients by an authorization server,
with the approval of the resource owner, or end-user. with the approval of the resource owner, or end-user.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment