Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
99e17684
Commit
99e17684
authored
Nov 22, 2021
by
Kati Paizee
Committed by
Suzanne Selhorn
Nov 22, 2021
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
CTRT edits for OmniAuth page - part 3
parent
955b8664
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
44 additions
and
42 deletions
+44
-42
doc/integration/img/omniauth_providers_v_14_6.png
doc/integration/img/omniauth_providers_v_14_6.png
+0
-0
doc/integration/omniauth.md
doc/integration/omniauth.md
+44
-42
No files found.
doc/integration/img/omniauth_providers_v_14_6.png
0 → 100644
View file @
99e17684
36.4 KB
doc/integration/omniauth.md
View file @
99e17684
...
@@ -10,6 +10,8 @@ Users can sign in to GitLab by using their credentials from Twitter, GitHub, and
...
@@ -10,6 +10,8 @@ Users can sign in to GitLab by using their credentials from Twitter, GitHub, and
[
OmniAuth
](
https://rubygems.org/gems/omniauth/
)
is the Rack
[
OmniAuth
](
https://rubygems.org/gems/omniauth/
)
is the Rack
framework that GitLab uses to provide this authentication.
framework that GitLab uses to provide this authentication.
![
OmniAuth providers on sign-in page
](
img/omniauth_providers_v_14_6.png
)
If you configure OmniAuth, users can continue to sign in using other
If you configure OmniAuth, users can continue to sign in using other
mechanisms, including standard GitLab authentication or LDAP (if configured).
mechanisms, including standard GitLab authentication or LDAP (if configured).
...
@@ -113,6 +115,12 @@ To change these settings:
...
@@ -113,6 +115,12 @@ To change these settings:
After configuring these settings, you can configure
After configuring these settings, you can configure
your chosen
[
provider
](
#supported-providers
)
.
your chosen
[
provider
](
#supported-providers
)
.
### Passwords for users created via OmniAuth
The
[
Generated passwords for users created through integrated authentication
](
../security/passwords_for_integrated_authentication_methods.md
)
guide provides an overview about how GitLab generates and sets passwords for
users created with OmniAuth.
## Enable OmniAuth for an existing user
## Enable OmniAuth for an existing user
If you're an existing user, after your GitLab account is
If you're an existing user, after your GitLab account is
...
@@ -129,6 +137,41 @@ provider like Twitter.
...
@@ -129,6 +137,41 @@ provider like Twitter.
You can now use your chosen OmniAuth provider to sign in to GitLab.
You can now use your chosen OmniAuth provider to sign in to GitLab.
## Enable or disable sign-in with an OmniAuth provider without disabling import sources
Administrators can enable or disable sign-in for some OmniAuth providers.
NOTE:
By default, sign-in is enabled for all the OAuth providers configured in
`config/gitlab.yml`
.
To enable or disable an OmniAuth provider:
1.
On the top bar, select
**Menu > Admin**
.
1.
On the left sidebar, select
**Settings**
.
1.
Expand
**Sign-in restrictions**
.
1.
In the
**Enabled OAuth authentication sources**
section, select or clear the checkbox for each provider you want to enable or disable.
## Disable OmniAuth
In GitLab 11.4 and later, OmniAuth is enabled by default. However, OmniAuth only works
if providers are configured and
[
enabled
](
#enable-or-disable-sign-in-with-an-omniauth-provider-without-disabling-import-sources
)
.
If OmniAuth providers are causing problems even when individually disabled, you
can disable the entire OmniAuth subsystem by modifying the configuration file:
-
**For Omnibus installations**
```
ruby
gitlab_rails
[
'omniauth_enabled'
]
=
false
```
-
**For installations from source**
:
```
yaml
omniauth
:
enabled
:
false
```
## Link existing users to OmniAuth users
## Link existing users to OmniAuth users
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/36664) in GitLab 13.4.
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/36664) in GitLab 13.4.
...
@@ -228,41 +271,6 @@ let us know.
...
@@ -228,41 +271,6 @@ let us know.
We can't officially support every possible authentication mechanism available,
We can't officially support every possible authentication mechanism available,
but we'd like to at least help those with specific needs.
but we'd like to at least help those with specific needs.
## Enable or disable sign-in with an OmniAuth provider without disabling import sources
Administrators can enable or disable sign-in for some OmniAuth providers.
NOTE:
By default, sign-in is enabled for all the OAuth providers configured in
`config/gitlab.yml`
.
To enable or disable an OmniAuth provider:
1.
On the top bar, select
**Menu > Admin**
.
1.
On the left sidebar, select
**Settings**
.
1.
Expand
**Sign-in restrictions**
.
1.
In the
**Enabled OAuth authentication sources**
section, select or clear the checkbox for each provider you want to enable or disable.
## Disable OmniAuth
In GitLab 11.4 and later, OmniAuth is enabled by default. However, OmniAuth only works
if providers are configured and
[
enabled
](
#enable-or-disable-sign-in-with-an-omniauth-provider-without-disabling-import-sources
)
.
If OmniAuth providers are causing problems even when individually disabled, you
can disable the entire OmniAuth subsystem by modifying the configuration file:
-
**For Omnibus installations**
```
ruby
gitlab_rails
[
'omniauth_enabled'
]
=
false
```
-
**For installations from source**
:
```
yaml
omniauth
:
enabled
:
false
```
## Keep OmniAuth user profiles up to date
## Keep OmniAuth user profiles up to date
You can enable profile syncing from selected OmniAuth providers. You can sync
You can enable profile syncing from selected OmniAuth providers. You can sync
...
@@ -344,12 +352,6 @@ one of the OmniAuth users is an administrator.
...
@@ -344,12 +352,6 @@ one of the OmniAuth users is an administrator.
You can also bypass automatic sign-in by browsing to
You can also bypass automatic sign-in by browsing to
`https://gitlab.example.com/users/sign_in?auto_sign_in=false`
.
`https://gitlab.example.com/users/sign_in?auto_sign_in=false`
.
## Passwords for users created via OmniAuth
The
[
Generated passwords for users created through integrated authentication
](
../security/passwords_for_integrated_authentication_methods.md
)
guide provides an overview about how GitLab generates and sets passwords for
users created with OmniAuth.
## Use a custom OmniAuth provider icon
## Use a custom OmniAuth provider icon
Most supported providers include a built-in icon for the rendered sign-in button.
Most supported providers include a built-in icon for the rendered sign-in button.
...
@@ -359,7 +361,7 @@ then override the icon in one of two ways:
...
@@ -359,7 +361,7 @@ then override the icon in one of two ways:
-
**Provide a custom image path**
:
-
**Provide a custom image path**
:
1.
*If you are hosting the image outside of your GitLab server domain,*
ensure
1.
If you are hosting the image outside of your GitLab server domain,
ensure
your
[
content security policies
](
https://docs.gitlab.com/omnibus/settings/configuration.html#content-security-policy
)
your
[
content security policies
](
https://docs.gitlab.com/omnibus/settings/configuration.html#content-security-policy
)
are configured to allow access to the image file.
are configured to allow access to the image file.
1.
Depending on your method of installing GitLab, add a custom
`icon`
parameter
1.
Depending on your method of installing GitLab, add a custom
`icon`
parameter
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment