This guide walks you through integrating GitLab single sign-on (SSO) with your application. Using GitLab SSO, you can enable users to authenticate using their GitLab accounts.
To set up GitLab SSO, two key environment variables need to be configured:
- `GITLAB_CLIENT_ID`: This is the OAuth client ID from your GitLab application.
- `GITLAB_CLIENT_SECRET`: This is the OAuth client secret from your GitLab application.

- Create a GitLab OAuth Application:
  - Go to GitLab Sign-In and log in using your credentials.
  - Go to your GitLab Profile Settings.
  - Click on New application.
- Configure the Application:
  - Enter the Name for your application (e.g., "MyAppSSO").
  - Fill in the Redirect URI field with the URL to which your application will redirect after successful authentication (e.g., `http://localhost:8000/callback`).
  - Under Scopes, select `read_user`, `api`, and `email`.
  - Click on Save application.
- Retrieve Your Credentials:
  - After saving, GitLab will provide an Application ID (which corresponds to `GITLAB_CLIENT_ID`) and a Secret (which corresponds to `GITLAB_CLIENT_SECRET`).
  - Set these values in your environment variables or `.env` file:

    ```
    GITLAB_CLIENT_ID=your_client_id
    GITLAB_CLIENT_SECRET=your_client_secret
    ```

When creating your OAuth application on GitLab, ensure that you select the following scopes:
- `read_user`: Allows reading the authenticated user's profile data.
- `api`: Full access to the authenticated user's API.
- `email`: Access to the authenticated user's email address.

These scopes are necessary for retrieving user information such as name and email.
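
The sketch below is an added example, not code from this guide or from GitLab. It shows how an application might read the two variables, build the GitLab.com authorization URL for the configured redirect URI and scopes, and reject a callback whose `state` does not match the one it issued. The `GITLAB_REDIRECT_URI` variable and the function names are assumptions made for illustration.

```python
import hmac
import os
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# GitLab.com authorization endpoint; a self-managed instance uses its own host.
AUTHORIZE_URL = "https://gitlab.com/oauth/authorize"
SCOPES = ("read_user", "api", "email")  # the scopes selected in the guide


def load_config(env=os.environ):
    """Read the two variables from the guide and fail fast if either is missing."""
    missing = [k for k in ("GITLAB_CLIENT_ID", "GITLAB_CLIENT_SECRET") if not env.get(k)]
    if missing:
        raise RuntimeError("missing environment variables: " + ", ".join(missing))
    return {
        "client_id": env["GITLAB_CLIENT_ID"],
        "client_secret": env["GITLAB_CLIENT_SECRET"],  # used server-side only
        # Assumption: GITLAB_REDIRECT_URI is a hypothetical variable name.
        "redirect_uri": env.get("GITLAB_REDIRECT_URI", "http://localhost:8000/callback"),
    }


def build_authorize_url(config):
    """Return (url, state). Store state in the user's session before redirecting."""
    state = secrets.token_urlsafe(32)
    query = urlencode({
        "client_id": config["client_id"],
        "redirect_uri": config["redirect_uri"],  # must match the registered URI
        "response_type": "code",
        "scope": " ".join(SCOPES),
        "state": state,
    })
    return f"{AUTHORIZE_URL}?{query}", state


def extract_code(callback_url, expected_state):
    """Return the authorization code only if the callback carries the state we issued."""
    params = parse_qs(urlparse(callback_url).query)
    returned = params.get("state", [""])[0]
    if not expected_state or not hmac.compare_digest(returned.encode(), expected_state.encode()):
        raise ValueError("state mismatch: reject this callback")
    if "code" not in params:
        raise ValueError("no authorization code: " + params.get("error", ["unknown"])[0])
    return params["code"][0]
```

The client secret never appears in the browser-facing URL; it is only sent when the server exchanges the returned code for a token.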