Commit 16971745 authored by manojmj's avatar manojmj

Add documentation on password generation for authentication methods

This change adds documentation on password generation
for authentication methods
parent 979c663f
...@@ -312,7 +312,7 @@ attribute. As a prerequisite, you must use an LDAP server that: ...@@ -312,7 +312,7 @@ attribute. As a prerequisite, you must use an LDAP server that:
## Passwords for users created via smartcard authentication ## Passwords for users created via smartcard authentication
The [How we generate passwords for users created via integrated authentication methods](../../security/passwords_for_integrated_authentication_methods.md) guide provides an overview of how GitLab generates and sets passwords for users created via smartcard authentication. The [Generated passwords for users created through integrated authentication](../../security/passwords_for_integrated_authentication_methods.md) guide provides an overview of how GitLab generates and sets passwords for users created via smartcard authentication.
<!-- ## Troubleshooting <!-- ## Troubleshooting
......
...@@ -327,4 +327,4 @@ You may also bypass the auto signin feature by browsing to ...@@ -327,4 +327,4 @@ You may also bypass the auto signin feature by browsing to
## Passwords for users created via OmniAuth ## Passwords for users created via OmniAuth
The [How we generate passwords for users created via integrated authentication methods](../security/passwords_for_integrated_authentication_methods.md) guide provides an overview of how GitLab generates and sets passwords for users created via OmniAuth. The [Generated passwords for users created through integrated authentication](../security/passwords_for_integrated_authentication_methods.md) guide provides an overview of how GitLab generates and sets passwords for users created via OmniAuth.
...@@ -586,7 +586,7 @@ Refer to the documentation for your SAML Identity Provider for information on ho ...@@ -586,7 +586,7 @@ Refer to the documentation for your SAML Identity Provider for information on ho
## Passwords for users created via SAML ## Passwords for users created via SAML
The [How we generate passwords for users created via integrated authentication methods](../security/passwords_for_integrated_authentication_methods.md) guide provides an overview of how GitLab generates and sets passwords for users created via SAML. The [Generated passwords for users created through integrated authentication](../security/passwords_for_integrated_authentication_methods.md) guide provides an overview of how GitLab generates and sets passwords for users created via SAML.
## Troubleshooting ## Troubleshooting
......
...@@ -7,7 +7,7 @@ type: index ...@@ -7,7 +7,7 @@ type: index
- [Password storage](password_storage.md) - [Password storage](password_storage.md)
- [Password length limits](password_length_limits.md) - [Password length limits](password_length_limits.md)
- [How we generate passwords for users created via integrated authentication methods](passwords_for_integrated_authentication_methods.md) - [Generated passwords for users created through integrated authentication](passwords_for_integrated_authentication_methods.md)
- [Restrict SSH key technologies and minimum length](ssh_keys_restrictions.md) - [Restrict SSH key technologies and minimum length](ssh_keys_restrictions.md)
- [Rate limits](rate_limits.md) - [Rate limits](rate_limits.md)
- [Webhooks and insecure internal web services](webhooks.md) - [Webhooks and insecure internal web services](webhooks.md)
......
...@@ -2,11 +2,12 @@ ...@@ -2,11 +2,12 @@
type: reference type: reference
--- ---
# How we generate passwords for users created via integrated authentication methods # Generated passwords for users created through integrated authentication
GitLab allows users to create accounts using different [authentication methods](../administration/auth/README.md) like OmniAuth, SAML, SCIM, Smartcard authentication etc. GitLab allows users to set up accounts through integration with external [authentication and authorization providers](../administration/auth/README.md).
These authentication methods does not require the user to explicitly create a password for their account upon signup. However, to maintain data consistency, GitLab requires each user account to have a password associated with it. These authentication methods do not require the user to explicitly create a password for their accounts.
However, to maintain data consistency, GitLab requires passwords for all user accounts.
For such accounts, we use the [`friendly_token`](https://github.com/heartcombo/devise/blob/f26e05c20079c9acded3c0ee16da0df435a28997/lib/devise.rb#L492) method provided by the Devise gem to generate a random, unique and secure password and sets it as the account password during sign up. For such accounts, we use the [`friendly_token`](https://github.com/heartcombo/devise/blob/f26e05c20079c9acded3c0ee16da0df435a28997/lib/devise.rb#L492) method provided by the Devise gem to generate a random, unique and secure password and sets it as the account password during sign up.
......
...@@ -302,7 +302,7 @@ Group SAML on a self-managed instance is limited when compared to the recommende ...@@ -302,7 +302,7 @@ Group SAML on a self-managed instance is limited when compared to the recommende
## Passwords for users created via SAML SSO for Groups ## Passwords for users created via SAML SSO for Groups
The [How we generate passwords for users created via integrated authentication methods](../../../security/passwords_for_integrated_authentication_methods.md) guide provides an overview of how GitLab generates and sets passwords for users created via SAML SSO for Groups. The [Generated passwords for users created through integrated authentication](../../../security/passwords_for_integrated_authentication_methods.md) guide provides an overview of how GitLab generates and sets passwords for users created via SAML SSO for Groups.
## Troubleshooting ## Troubleshooting
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment