Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/doc/integration/oauth2_generic.md
diff options
context:
space:
mode:
Diffstat (limited to 'doc/integration/oauth2_generic.md')
-rw-r--r--doc/integration/oauth2_generic.md55
1 files changed, 27 insertions, 28 deletions
diff --git a/doc/integration/oauth2_generic.md b/doc/integration/oauth2_generic.md
index e3ec1aa16a1..a337873a67e 100644
--- a/doc/integration/oauth2_generic.md
+++ b/doc/integration/oauth2_generic.md
@@ -1,42 +1,42 @@
---
stage: Manage
group: Authentication and Authorization
-info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
-# Generic OAuth2 provider **(FREE SELF)**
+# Generic OAuth 2.0 provider **(FREE SELF)**
The `omniauth-oauth2-generic` gem allows single sign-on (SSO) between GitLab
-and your OAuth2 provider (or any OAuth2 provider compatible with this gem).
+and your OAuth 2.0 provider, or any OAuth 2.0 provider compatible with this gem).
This strategy allows for the configuration of this OmniAuth SSO process:
1. Strategy directs the client to your authorization URL (**configurable**), with
the specified ID and key.
-1. The OAuth2 provider handles authentication of the request, user, and (optionally)
- authorization to access user's profile.
-1. The OAuth2 provider directs the client back to GitLab where Strategy handles
- the retrieval of the access token.
+1. The OAuth 2.0 provider handles authentication of the request, user, and (optionally)
+ authorization to access the user's profile.
+1. The OAuth 2.0 provider directs the client back to GitLab where Strategy
+ retrieves the access token.
1. Strategy requests user information from a **configurable** "user profile"
- URL (using the access token).
-1. Strategy parses user information from the response, using a **configurable**
+ URL using the access token.
+1. Strategy parses user information from the response using a **configurable**
format.
1. GitLab finds or creates the returned user and signs them in.
-## Limitations of this strategy
+This strategy:
-- It can only be used for single sign-on, and doesn't provide any other access
- granted by any OAuth2 provider (like importing projects or users).
-- It supports only the Authorization Grant flow (most common for client-server
- applications, like GitLab).
-- It can't fetch user information from more than one URL.
-- It hasn't been tested with user information formats, other than JSON.
+- Can only be used for single sign-on, and does not provide any other access
+ granted by any OAuth 2.0 provider. For example, importing projects or users.
+- Only supports the Authorization Grant flow, which is most common for client-server
+ applications like GitLab.
+- Cannot fetch user information from more than one URL.
+- Has not been tested with user information formats, except JSON.
-## Configure the OAuth2 provider
+## Configure the OAuth 2.0 provider
To configure the provider:
-1. Register your application in the OAuth2 provider you want to authenticate with.
+1. Register your application in the OAuth 2.0 provider you want to authenticate with.
The redirect URI you provide when registering the application should be:
@@ -44,9 +44,9 @@ To configure the provider:
http://your-gitlab.host.com/users/auth/oauth2_generic/callback
```
- You should now be able to get a Client ID and Client Secret. Where this
- appears differs for each provider. This may also be called Application ID
- and Secret.
+ You should now be able to get a client ID and client secret. Where these
+ appear is different for each provider. This may also be called application ID
+ and application secret.
1. On your GitLab server, open the appropriate configuration file.
@@ -99,15 +99,14 @@ To configure the provider:
]
```
- For more information about these settings, see [the gem's README](https://gitlab.com/satorix/omniauth-oauth2-generic#gitlab-config-example).
+ For more information about these settings, see the [gem's README](https://gitlab.com/satorix/omniauth-oauth2-generic#gitlab-config-example).
1. Save the configuration file.
-1. [Restart](../administration/restart_gitlab.md#installations-from-source)
- GitLab for the changes to take effect.
+1. For the changes to take effect, [restart GitLab](../administration/restart_gitlab.md#installations-from-source).
-On the sign-in page there should now be a new button below the regular sign-in
-form. Select the button to begin your provider's authentication process. This
-directs the browser to your OAuth2 provider's authentication page. If
-everything goes well, you are returned to your GitLab instance and are
+On the sign-in page there should now be a new icon below the regular sign-in
+form. Select that icon to begin your provider's authentication process. This
+directs the browser to your OAuth 2.0 provider's authentication page. If
+everything goes well, you are returned to your GitLab instance and
signed in.
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-02 00:02:09 +0300