debian-mirror-gitlab/doc/administration/auth/README.md
2021-06-08 01:23:25 +05:30

2.7 KiB

comments type stage group info
false index Manage Access To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments

GitLab authentication and authorization (FREE SELF)

GitLab integrates with the following external authentication and authorization providers:

NOTE: UltraAuth has removed their software which supports OmniAuth integration. We have therefore removed all references to UltraAuth integration.

SaaS vs Self-Managed Comparison

The external authentication and authorization providers may support the following capabilities. For more information, see the links shown on this page for each external provider.

Capability SaaS Self-Managed
User Provisioning SCIM
JIT Provisioning
LDAP Sync
User Detail Updating (not group management) Not Available LDAP Sync
Authentication SAML at top-level group (1 provider) LDAP (multiple providers)
Generic OAuth2
SAML (only 1 permitted per unique provider)
Kerberos
JWT
Smartcard
OmniAuth Providers (only 1 permitted per unique provider)
Provider-to-GitLab Role Sync SAML Group Sync LDAP Group Sync
User Removal SCIM (remove user from top-level group) LDAP (Blocking User from Instance)