diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-07-21 12:09:01 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-07-21 12:09:01 +0300 |
commit | 265a7ceccadf01cf1c2983c54abf86de19f6c2ad (patch) | |
tree | f1de299bda703e91bee465043024ba00832759af /doc/integration/azure.md | |
parent | 97d7aba1c6be314577492bd609c90279e4afd40d (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/integration/azure.md')
-rw-r--r-- | doc/integration/azure.md | 43 |
1 files changed, 36 insertions, 7 deletions
diff --git a/doc/integration/azure.md b/doc/integration/azure.md index 515e7406545..da1aa574bd6 100644 --- a/doc/integration/azure.md +++ b/doc/integration/azure.md @@ -107,6 +107,24 @@ Alternatively, add the `User.Read.All` application permission. ] ``` + For [alternative Azure clouds](https://docs.microsoft.com/en-us/azure/active-directory/develop/authentication-national-cloud), + configure `base_azure_url` under the `args` section. For example, for Azure Government Community Cloud (GCC): + + ```ruby + gitlab_rails['omniauth_providers'] = [ + { + "name" => "azure_activedirectory_v2", + "label" => "Provider name", # optional label for login button, defaults to "Azure AD v2" + "args" => { + "client_id" => "CLIENT ID", + "client_secret" => "CLIENT SECRET", + "tenant_id" => "TENANT ID", + "base_azure_url" => "https://login.microsoftonline.us" + } + } + ] + ``` + - **For installations from source** For the v1.0 endpoint: @@ -115,8 +133,8 @@ Alternatively, add the `User.Read.All` application permission. - { name: 'azure_oauth2', # label: 'Provider name', # optional label for login button, defaults to "Azure AD" args: { client_id: 'CLIENT ID', - client_secret: 'CLIENT SECRET', - tenant_id: 'TENANT ID' } } + client_secret: 'CLIENT SECRET', + tenant_id: 'TENANT ID' } } ``` For the v2.0 endpoint: @@ -125,14 +143,25 @@ Alternatively, add the `User.Read.All` application permission. - { name: 'azure_activedirectory_v2', label: 'Provider name', # optional label for login button, defaults to "Azure AD v2" args: { client_id: "CLIENT ID", - client_secret: "CLIENT SECRET", - tenant_id: "TENANT ID" } } + client_secret: "CLIENT SECRET", + tenant_id: "TENANT ID" } } + ``` + + For [alternative Azure clouds](https://docs.microsoft.com/en-us/azure/active-directory/develop/authentication-national-cloud), + configure `base_azure_url` under the `args` section. For example, for Azure Government Community Cloud (GCC): + + ```yaml + - { name: 'azure_activedirectory_v2', + label: 'Provider name', # optional label for login button, defaults to "Azure AD v2" + args: { client_id: "CLIENT ID", + client_secret: "CLIENT SECRET", + tenant_id: "TENANT ID", + base_azure_url: "https://login.microsoftonline.us" } } ``` - You can optionally add the following parameters: + In addition, you can optionally add the following parameters to the `args` section: - - `base_azure_url` for different locales. For example, `base_azure_url: "https://login.microsoftonline.de"`. - - `scope`, which you add to `args`. The default is `openid profile email`. + - `scope` for [OAuth2 scopes](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow). The default is `openid profile email`. 1. Save the configuration file. |