Use AliCloud as an OmniAuth authentication provider

You can enable the AliCloud OAuth 2.0 OmniAuth provider and sign in to GitLab using your AliCloud account.

Create an AliCloud application

Sign in to the AliCloud platform and create an application on it. AliCloud generates a client ID and secret key for you to use.

  1. Sign in to the AliCloud platform.

  2. Go to the OAuth application management page.

  3. Select Create Application.

  4. Fill in the application details:

    • Application Name: This can be anything.
    • Display Name: This can be anything.
    • Callback URL: This URL should be formatted as 'GitLab instance URL' + '/users/auth/alicloud/callback'. For example, http://test.gitlab.com/users/auth/alicloud/callback.

    Select Save.

  5. Add OAuth scopes in the application details page:

    1. Under the Application Name column, select the name of the application you created. The application’s details page opens.
    2. Under the Application OAuth Scopes tab, select Add OAuth Scopes.
    3. Select the aliuid and profile checkboxes.
    4. Select OK.

    AliCloud OAuth scope

  6. Create a secret in the application details page:

    1. Under the App Secrets tab, select Create Secret.
    2. Copy the SecretValue generated.

Enable AliCloud OAuth in GitLab

  1. On your GitLab server, open the configuration file.

    • For Omnibus installations

      sudo editor /etc/gitlab/gitlab.rb
      
    • For installations from source

      cd /home/git/gitlab
      
      sudo -u git -H editor config/gitlab.yml
      
  2. Edit the common configuration file settings to add alicloud as a single sign-on provider. This enables Just-In-Time account provisioning for users who do not have an existing GitLab account.

  3. Add the provider configuration. Replace YOUR_APP_ID with the ID on the application details page and YOUR_APP_SECRET with the SecretValue you got when you registered the AliCloud application.

    • For Omnibus installations

        gitlab_rails['omniauth_providers'] = [
          {
            name: "alicloud",
            app_id: "YOUR_APP_ID",
            app_secret: "YOUR_APP_SECRET"
          }
        ]
      
    • For installations from source

      - { name: 'alicloud',
          app_id: 'YOUR_APP_ID',
          app_secret: 'YOUR_APP_SECRET' }
      
  4. Save the configuration file.

  5. Reconfigure GitLab if you installed using Omnibus, or restart GitLab if you installed from source.