GitLab

cidaas as a GitLab Extension

GitLab is a complete DevOps platform delivered as a single application.

cidaas allows GitLab to consolidate authentication and authorization to applications through a single sign-on mechanism and ensures a consistent and secure login experience for GitLab users.

By configuring cidaas as an extension to GitLab, you can login to your Self-hosted GitLab Services using your cidaas credentials with a greater degree of certainty.

This section will help you with the configuration steps to add cidaas to your GitLab application which is quite easy!

If you are here, we assume you are already using GitLab and would like to connect cidaas with your GitLab instance.

The overall process includes:

1. Creating an App in cidaas for GitLab and updating the scopes.

2. Configuring GitLab using OpenID Connect.

The Prerequisites for this set-up include:

1. A registered domain on GitLab.

2. GitLab Admin access.

3. cidaas instance.

Creating a cidaas App

To get the signing certificate, login and logout URLs you need to create an Application in cidaas.

Here are the steps to create an App using the cidaas administration interface, which is available after you sign up with cidaas.

1. Navigate to the cidaas Administrator dashboard -> Apps -> App Settings.

2. Click on the Create New App button.

3. Enter the App name and then select the App type as Single Page. You can enter the details of other optional fields if required.

Then, click on the Next button.

Updating Scopes

4. Next, for Scope , select email, openid, profile, phone and address from the dropdown list by clicking on the checkbox appearing in front of the option.

You can also look for a specific scope value using the search bar.

Setting the value for Hosted Page Group is optional. You could select the value from the drop-down list or select default.

5. For the Redirect URL, add https://YOUR_GITLAB_BASE_URL/users/auth/openid_connect/callback and for Logout URL, add https://YOUR_GITLAB_BASE_URL in the respective textboxes as shown below.

Note: Please replace YOUR_GITLAB_BASE_URL with the relevant URL in both the places.

Then, click on the Next button.

6. Under Company Details, type in the details for Company Name, Company Address, and Website URL. You could provide the values for other optional fields as well. Finally, click on the Submit button.

This will display a Success Confirmation window to indicate that your application has been created successfully.

7. Once the App is created successfully, it appears in the cidaas Apps List.

Configuring Gitlab using OpenID Connect

OpenID Connect (OIDC) is a simple identity layer on top of the OAuth 2.0 protocol. It allows your application to:

  1. Verify the identity of the end-user (using cidaas) based on the authentication performed by GitLab.
  2. Obtain the basic profile information about the end-user in an interoperable and REST-like manner.

Steps to Configure GitLab

1. Connect to your GitLab server and login to your Admin account.

2. Navigate to your profile settings.

3. Open the gitlab.rb file from the location /etc/gitlab/gitlab.rb. GitLab is configured by setting the relevant options in /etc/gitlab/gitlab.rb.

4. Then, add the following code in the gitlab.rb file.


gitlab_rails['omniauth_enabled'] = true
gitlab_rails['omniauth_allow_single_sign_on'] = ['openid_connect']
gitlab_rails['omniauth_block_auto_created_users'] = false
gitlab_rails['omniauth_providers'] = [
 { 'name' => 'openid_connect',
 'label' => 'Cidaas',
 'args' => {
 'name' => 'openid_connect',
 'scope' => ['openid','profile','email','phone','address'],
 'response_type' => 'code',
 'issuer' => 'https://<YOUR_CIDAAS_BASEURL>.cidaas.de',
 'discovery' => true,
 'client_auth_method' => 'query',
 'uid_field' => 'email',
 'client_options' => {
 'identifier' => 'Clien-ID',
 'secret' => 'Client Secret',
 'redirect_uri' => 'https://gitlab.<YOUR_GITLAB_DOMAIN>.de/users/auth/openid_connect/callback'
 }
 }
 }

5. Paste the values for Client ID and Client Secret copied from cidaas' App Settings section to the above code.

You can copy these values by navigating to Apps-> App Settings-> Apps List and clicking the Edit button of the GitLab App you created.

You can get the values for Client ID and Client Secret here.

Next, replace YOUR_CIDAAS_BASEURL with your cidaas base URL for issuer and YOUR_GITLAB_DOMAIN with your GitLab domain name for redirect_uri.

6. Finally, Save this file and Run the Installer . Navigate to your GitLab Domain URL on your browser. You will be redirected automatically to the cidaas login screen.

Congratulations! You have now completed the setup for cidaas as a GitLab Extension.

If you face any issues while configuring this set-up, please contact our support team.

Click here for further assistance.


results matching ""

    No results matching ""