Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/doc/administration/auth/README.md
diff options
context:
space:
mode:
Diffstat (limited to 'doc/administration/auth/README.md')
-rw-r--r--doc/administration/auth/README.md15
1 files changed, 13 insertions, 2 deletions
diff --git a/doc/administration/auth/README.md b/doc/administration/auth/README.md
index 69220113940..ef82c556468 100644
--- a/doc/administration/auth/README.md
+++ b/doc/administration/auth/README.md
@@ -23,13 +23,11 @@ providers:
- [GitHub](../../integration/github.md)
- [GitLab.com](../../integration/gitlab.md)
- [Google OAuth](../../integration/google.md)
-- [Google Workspace SSO](../../integration/google_workspace_saml.md)
- [JWT](jwt.md)
- [Kerberos](../../integration/kerberos.md)
- [LDAP](ldap/index.md): Includes Active Directory, Apple Open Directory, Open LDAP,
and 389 Server.
- [Google Secure LDAP](ldap/google_secure_ldap.md)
-- [Okta](okta.md)
- [Salesforce](../../integration/salesforce.md)
- [SAML](../../integration/saml.md)
- [SAML for GitLab.com groups](../../user/group/saml_sso/index.md) **(PREMIUM SAAS)**
@@ -39,3 +37,16 @@ providers:
NOTE:
UltraAuth has removed their software which supports OmniAuth integration. We have therefore removed all references to UltraAuth integration.
+
+## SaaS vs Self-Managed Comparison
+
+The external authentication and authorization providers may support the following capabilities.
+For more information, see the links shown on this page for each external provider.
+
+| Capability | SaaS | Self-Managed |
+|-------------------------------------------------|-----------------------------------------|------------------------------------|
+| **User Provisioning** | SCIM<br>JIT Provisioning | LDAP Sync |
+| **User Detail Updating** (not group management) | Not Available | LDAP Sync |
+| **Authentication** | SAML at top-level group (1 provider) | LDAP (multiple providers)<br>Generic OAuth2<br>SAML (only 1 permitted per unique provider)<br>Kerberos<br>JWT<br>Smartcard<br>OmniAuth Providers (only 1 permitted per unique provider) |
+| **Provider-to-GitLab Role Sync** | SAML Group Sync | LDAP Group Sync |
+| **User Removal** | SCIM (remove user from top-level group) | LDAP (Blocking User from Instance) |
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-16 03:19:17 +0300