1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
---
stage: Govern
group: Authentication
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Use Facebook as an OAuth 2.0 authentication provider **(FREE ALL)**
You can use the Facebook OmniAuth provider to authenticate users with their Facebook account.
To enable the Facebook OmniAuth provider, you must:
- Register your application with Facebook. Facebook generates an app ID and a secret key for you to use.
- Configure the GitLab server.
## Register your application with Facebook
1. Sign in to your [Facebook developer account](https://developers.facebook.com/).
1. Go to **My Apps** > **Create App**, then complete the following steps:
1. Enter a descriptive name for your app. For example: **`<your_organization's>` GitLab** or **`<your_name's>` GitLab**.
1. Select **Create New Facebook App ID**.
1. Select a **Category**. For example **Productivity**.
1. Select **Create App ID**.
1. At the bottom of the page, enter the address of your GitLab installation.
![Facebook Website URL](img/facebook_website_url.png)
1. Select **Next**.
1. In the upper-right corner, select **Skip Quick Start**.
1. From the menu on the left, select **Settings**, then complete the following:
1. Enter a contact email for your app.
![Facebook App Settings](img/facebook_app_settings.png)
1. Select **Save Changes**.
1. From the menu on the left, select **Status & Review**, then complete the following:
1. Change the switch on the right from **No** to **Yes**.
1. When prompted to make the app public, select **Confirm**.
1. From the menu on the left, select **Dashboard**, then complete the following:
1. Next to the hidden **App Secret**, select **Show**.
1. Copy the **App ID** and **App Secret**. Keep this page
open as you continue configuration.
![Facebook API Keys](img/facebook_api_keys.png)
## Configure the GitLab server
1. On your GitLab server, open the configuration file:
::Tabs
:::TabTitle Linux package installations
```shell
sudo editor /etc/gitlab/gitlab.rb
```
:::TabTitle Self-compiled installations
```shell
cd /home/git/gitlab
sudo -u git -H editor config/gitlab.yml
```
::EndTabs
1. Configure the [common settings](omniauth.md#configure-common-settings)
to add `facebook` as a single sign-on provider. This enables Just-In-Time
account provisioning for users who do not have an existing GitLab account.
1. Add the provider configuration:
::Tabs
:::TabTitle Linux package installations
```ruby
gitlab_rails['omniauth_providers'] = [
{
name: "facebook",
# label: "Provider name", # optional label for login button, defaults to "Facebook"
app_id: "YOUR_APP_ID",
app_secret: "YOUR_APP_SECRET"
}
]
```
:::TabTitle Self-compiled installations
```yaml
- { name: 'facebook',
# label: 'Provider name', # optional label for login button, defaults to "Facebook"
app_id: 'YOUR_APP_ID',
app_secret: 'YOUR_APP_SECRET' }
```
::EndTabs
1. In the provide configuration, paste the following values:
1. `YOUR_APP_ID`: The **App ID** you copied in the previous step.
1. `YOUR_APP_SECRET`: The **App Secret** you copied in the previous step.
1. Save the configuration file.
1. For the changes to take effect:
- If you installed using the Linux package, [reconfigure GitLab](../administration/restart_gitlab.md#reconfigure-a-linux-package-installation).
- If you self-compiled your installation, [restart GitLab](../administration/restart_gitlab.md#self-compiled-installations).
On the sign in page, a Facebook icon should now appear below the sign-in fields.
The user can select the icon to sign in.
|