Hi. I am trying to set up our Gitlab group to become an IdP client of Ipsilon's using SAML so that Fedora account users can sign in there without any setup. Looking at Ipsilon and Gitlab's documentation I think to do this I need to:
Any help you can offer would be great.
Metadata Update from @humaton:
- Issue priority set to: Waiting on Reporter (was: Needs Review)
- Issue tagged with: authentication, ops
Does gitlab require SAML2? or can it do OIDC... OIDC is a lot more flexable if it can do that.
Is this for all of gitlab.com? or some particular gitlab instance?
I believe not, they only support OIDC as a provider or with specific other providers. From looking at their docs I think we are stuck with SAML2. This is for gitlab.com, it's a SaaS offering.
ok. We can do SAML2 I suppose. I think I can set this up, but would be good to get @puiterwijk to look it over in case I missed anything.
to comment on this ticket.