debian-mirror-gitlab/doc/administration/auth/atlassian.md

79 lines
3.2 KiB
Markdown
Raw Normal View History

2020-11-24 15:15:51 +05:30
---
type: reference
stage: Manage
2022-04-04 11:22:00 +05:30
group: Authentication and Authorization
2021-02-22 17:27:13 +05:30
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
2020-11-24 15:15:51 +05:30
---
2021-06-08 01:23:25 +05:30
# Atlassian OmniAuth Provider **(FREE SELF)**
2020-11-24 15:15:51 +05:30
To enable the Atlassian OmniAuth provider for passwordless authentication you must register an application with Atlassian.
## Atlassian application registration
2021-09-30 23:02:18 +05:30
1. Go to <https://developer.atlassian.com/console/myapps/> and sign-in with the Atlassian
2021-10-27 15:23:28 +05:30
account to administer the application.
2022-05-07 20:08:51 +05:30
1. Select **Create a new app**.
1. Choose an App Name, such as 'GitLab', and select **Create**.
2020-11-24 15:15:51 +05:30
1. Note the `Client ID` and `Secret` for the [GitLab configuration](#gitlab-configuration) steps.
2022-05-07 20:08:51 +05:30
1. On the left sidebar under **APIS AND FEATURES**, select **OAuth 2.0 (3LO)**.
1. Enter the GitLab callback URL using the format `https://gitlab.example.com/users/auth/atlassian_oauth2/callback` and select **Save changes**.
1. Select **+ Add** in the left sidebar under **APIS AND FEATURES**.
1. Select **Add** for **Jira platform REST API** and then **Configure**.
1. Select **Add** next to the following scopes:
2020-11-24 15:15:51 +05:30
- **View Jira issue data**
- **View user profiles**
- **Create and manage issues**
## GitLab configuration
1. On your GitLab server, open the configuration file:
For Omnibus GitLab installations:
```shell
sudo editor /etc/gitlab/gitlab.rb
```
For installations from source:
```shell
sudo -u git -H editor /home/git/gitlab/config/gitlab.yml
```
2021-12-11 22:18:48 +05:30
1. See [Configure initial settings](../../integration/omniauth.md#configure-initial-settings) for initial settings to enable single sign-on and add `atlassian_oauth2` as an OAuth provider.
2020-11-24 15:15:51 +05:30
1. Add the provider configuration for Atlassian:
For Omnibus GitLab installations:
```ruby
gitlab_rails['omniauth_providers'] = [
{
name: "atlassian_oauth2",
2022-01-26 12:08:38 +05:30
# label: "Provider name", # optional label for login button, defaults to "Atlassian"
2020-11-24 15:15:51 +05:30
app_id: "YOUR_CLIENT_ID",
app_secret: "YOUR_CLIENT_SECRET",
2022-01-26 12:08:38 +05:30
args: { scope: "offline_access read:jira-user read:jira-work", prompt: "consent" }
2020-11-24 15:15:51 +05:30
}
]
```
For installations from source:
```yaml
2022-01-26 12:08:38 +05:30
- { name: "atlassian_oauth2",
# label: "Provider name", # optional label for login button, defaults to "Atlassian"
app_id: "YOUR_CLIENT_ID",
app_secret: "YOUR_CLIENT_SECRET",
args: { scope: "offline_access read:jira-user read:jira-work", prompt: "consent" }
}
2020-11-24 15:15:51 +05:30
```
1. Change `YOUR_CLIENT_ID` and `YOUR_CLIENT_SECRET` to the Client credentials you received in [application registration](#atlassian-application-registration) steps.
1. Save the configuration file.
1. [Reconfigure](../restart_gitlab.md#omnibus-gitlab-reconfigure) or [restart GitLab](../restart_gitlab.md#installations-from-source) for the changes to take effect if you installed GitLab via Omnibus or from source respectively.
2022-05-07 20:08:51 +05:30
On the sign-in page there should now be an Atlassian icon below the regular sign in form. Select the icon to begin the authentication process.
2020-11-24 15:15:51 +05:30
If everything goes right, the user is signed in to GitLab using their Atlassian credentials.