2018-03-17 18:26:18 +05:30
---
comments: false
2019-09-30 21:07:59 +05:30
type: index
2020-06-23 00:09:42 +05:30
stage: Manage
group: Access
2021-02-22 17:27:13 +05:30
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
2018-03-17 18:26:18 +05:30
---
2021-06-08 01:23:25 +05:30
# GitLab authentication and authorization **(FREE SELF)**
2016-06-02 11:05:42 +05:30
GitLab integrates with the following external authentication and authorization
2019-09-30 21:07:59 +05:30
providers:
2016-06-02 11:05:42 +05:30
2020-11-24 15:15:51 +05:30
- [Atlassian ](atlassian.md )
2019-09-30 21:07:59 +05:30
- [Auth0 ](../../integration/auth0.md )
- [Authentiq ](authentiq.md )
2020-04-08 14:13:33 +05:30
- [AWS Cognito ](cognito.md )
2019-09-30 21:07:59 +05:30
- [Azure ](../../integration/azure.md )
- [Bitbucket Cloud ](../../integration/bitbucket.md )
- [CAS ](../../integration/cas.md )
2021-01-03 14:25:43 +05:30
- [Crowd ](crowd.md )
2019-09-30 21:07:59 +05:30
- [Facebook ](../../integration/facebook.md )
- [GitHub ](../../integration/github.md )
- [GitLab.com ](../../integration/gitlab.md )
2021-03-11 19:13:27 +05:30
- [Google OAuth ](../../integration/google.md )
2019-09-30 21:07:59 +05:30
- [JWT ](jwt.md )
- [Kerberos ](../../integration/kerberos.md )
2020-06-23 00:09:42 +05:30
- [LDAP ](ldap/index.md ): Includes Active Directory, Apple Open Directory, Open LDAP,
2019-09-30 21:07:59 +05:30
and 389 Server.
2020-06-23 00:09:42 +05:30
- [Google Secure LDAP ](ldap/google_secure_ldap.md )
2019-09-30 21:07:59 +05:30
- [Salesforce ](../../integration/salesforce.md )
- [SAML ](../../integration/saml.md )
2021-03-11 19:13:27 +05:30
- [SAML for GitLab.com groups ](../../user/group/saml_sso/index.md ) ** (PREMIUM SAAS)**
2019-09-30 21:07:59 +05:30
- [Shibboleth ](../../integration/shibboleth.md )
2021-03-11 19:13:27 +05:30
- [Smartcard ](smartcard.md ) ** (PREMIUM SELF)**
2019-09-30 21:07:59 +05:30
- [Twitter ](../../integration/twitter.md )
2020-06-23 00:09:42 +05:30
2021-02-22 17:27:13 +05:30
NOTE:
2020-06-23 00:09:42 +05:30
UltraAuth has removed their software which supports OmniAuth integration. We have therefore removed all references to UltraAuth integration.
2021-04-29 21:17:54 +05:30
## SaaS vs Self-Managed Comparison
The external authentication and authorization providers may support the following capabilities.
For more information, see the links shown on this page for each external provider.
| Capability | SaaS | Self-Managed |
|-------------------------------------------------|-----------------------------------------|------------------------------------|
| **User Provisioning** | SCIM< br > JIT Provisioning | LDAP Sync |
| **User Detail Updating** (not group management) | Not Available | LDAP Sync |
| **Authentication** | SAML at top-level group (1 provider) | LDAP (multiple providers)< br > Generic OAuth2< br > SAML (only 1 permitted per unique provider)< br > Kerberos< br > JWT< br > Smartcard< br > OmniAuth Providers (only 1 permitted per unique provider) |
| **Provider-to-GitLab Role Sync** | SAML Group Sync | LDAP Group Sync |
| **User Removal** | SCIM (remove user from top-level group) | LDAP (Blocking User from Instance) |
