diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-03-19 21:09:17 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-03-19 21:09:17 +0000 |
commit | 49a923c646a2c24b5377cfde8236c73094c60d42 (patch) | |
tree | 8e4ef094e6a338c80123765d8cd2a707c82bdc7b /doc/administration/auth | |
parent | 0eb4fd2f32e6804bc85868ba167170238e346279 (diff) | |
download | gitlab-ce-49a923c646a2c24b5377cfde8236c73094c60d42.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/administration/auth')
-rw-r--r-- | doc/administration/auth/cognito.md | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/doc/administration/auth/cognito.md b/doc/administration/auth/cognito.md index 84923952131..8d5580ccb6c 100644 --- a/doc/administration/auth/cognito.md +++ b/doc/administration/auth/cognito.md @@ -26,7 +26,7 @@ The following steps enable AWS Cognito as an authentication provider: - **Callback URL** - `https://gitlab.example.com/users/auth/cognito/callback` - Substitute the URL of your GitLab instance for `gitlab.example.com` - **Allowed OAuth Flows** - Authorization code grant - - **Allowed OAuth Scopes** - `email` and `openid` + - **Allowed OAuth2 Scopes** - `email`, `openid`, and `profile` 1. Save changes for the app client settings. 1. Under **Domain name** include the AWS domain name for your AWS Cognito application. @@ -54,15 +54,17 @@ Include the code block in the `/etc/gitlab/gitlab.rb` file: "app_id" => "CLIENT ID", "app_secret" => "CLIENT SECRET", "args" => { + "scope" => "openid profile email", client_options: { 'site' => 'https://your_domain.auth.your_region.amazoncognito.com', - 'authorize_url' => '/login', + 'authorize_url' => '/oauth2/authorize', 'token_url' => '/oauth2/token', 'user_info_url' => '/oauth2/userInfo' }, user_response_structure: { root_path: [], - attributes: { nickname: 'email'} + id_path: ['sub'], + attributes: { nickname: 'email', name: 'email', email: 'email' } }, name: 'cognito', strategy_class: "OmniAuth::Strategies::OAuth2Generic" |