diff options
| author | Evan Read <eread@gitlab.com> | 2019-06-07 01:04:40 +0000 |
|---|---|---|
| committer | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2019-06-10 07:15:45 +0000 |
| commit | a1ada784b16c082dbdeb4b65e067125f8429bbaf (patch) | |
| tree | 42422fa0986eaa6b8c24a99663ad144aadda248d /doc/administration | |
| parent | 2e1e1f4e6d25cafd6d14551cb7f6fec8ed38c0f1 (diff) | |
| download | gitlab-ce-a1ada784b16c082dbdeb4b65e067125f8429bbaf.tar.gz | |
Merge branch 'sh-improve-openid-docs' into 'master'
Fix OpenID Connect documentation
See merge request gitlab-org/gitlab-ce!29314
(cherry picked from commit 5997cc89ff15d9a5c9f3d2470119c66ccd3c1c2a)
6dcbf1f5 Fix OpenID Connect documentation
Diffstat (limited to 'doc/administration')
| -rw-r--r-- | doc/administration/auth/oidc.md | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/doc/administration/auth/oidc.md b/doc/administration/auth/oidc.md index e55f7dbb4df..df4f22aa3e7 100644 --- a/doc/administration/auth/oidc.md +++ b/doc/administration/auth/oidc.md @@ -31,6 +31,7 @@ The OpenID Connect will provide you with a client details and secret for you to { 'name' => 'openid_connect', 'label' => '<your_oidc_label>', 'args' => { + "name' => 'openid_connect', 'scope' => ['openid','profile'], 'response_type' => 'code', 'issuer' => '<your_oidc_url>', @@ -53,6 +54,7 @@ The OpenID Connect will provide you with a client details and secret for you to - { name: 'openid_connect', label: '<your_oidc_label>', args: { + name: 'openid_connect', scope: ['openid','profile'], response_type: 'code', issuer: '<your_oidc_url>', @@ -103,3 +105,36 @@ On the sign in page, there should now be an OpenID Connect icon below the regula Click the icon to begin the authentication process. The OpenID Connect provider will ask the user to sign in and authorize the GitLab application (if confirmation required by the client). If everything goes well, the user will be redirected to GitLab and will be signed in. + +## Example configurations + +The following configurations illustrate how to set up OpenID with +different providers with Omnibus GitLab. + +### Google + +See the [Google +documentation](https://developers.google.com/identity/protocols/OpenIDConnect) +for more details: + +```ruby + gitlab_rails['omniauth_providers'] = [ + { + 'name' => 'openid_connect', + 'label' => 'Google OpenID', + 'args' => { + 'name' => 'openid_connect', + 'scope' => ['openid', 'profile', 'email'], + 'response_type' => 'code', + 'issuer' => 'https://accounts.google.com', + 'client_auth_method' => 'query', + 'discovery' => true, + 'uid_field' => 'preferred_username', + 'client_options' => { + 'identifier' => '<YOUR PROJECT CLIENT ID>', + 'secret' => '<YOUR PROJECT CLIENT SECRET>', + 'redirect_uri' => 'https://example.com/users/auth/openid_connect/callback', + } + } + } +``` |