2020-10-29 11:09:12 -04:00
---
2022-05-12 23:08:13 -04:00
stage: Manage
group: Authentication and Authorization
2020-11-26 01:09:20 -05:00
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
2020-10-29 11:09:12 -04:00
---
2021-03-11 13:09:23 -05:00
# Auth0 OmniAuth Provider **(FREE SELF)**
2016-02-29 00:37:27 -05:00
To enable the Auth0 OmniAuth provider, you must create an Auth0 account, and an
application.
2021-08-26 17:11:25 -04:00
1. Sign in to the [Auth0 Console ](https://auth0.com/auth/login ). You can also
create an account using the same link.
2016-02-29 00:37:27 -05:00
2020-11-16 13:09:15 -05:00
1. Select **New App/API** .
2016-02-29 00:37:27 -05:00
1. Provide the Application Name ('GitLab' works fine).
2020-11-16 13:09:15 -05:00
1. After creating, you should see the **Quick Start** options. Disregard them and
select **Settings** above the **Quick Start** options.
2016-02-29 00:37:27 -05:00
2020-11-16 13:09:15 -05:00
1. At the top of the Settings screen, you should see your **Domain** , **Client ID** , and
**Client Secret** . These values are needed in the configuration file. For example:
2019-07-11 11:21:26 -04:00
- Domain: `test1234.auth0.com`
- Client ID: `t6X8L2465bNePWLOvt9yi41i`
- Client Secret: `KbveM3nqfjwCbrhaUy_gDu2dss8TIlHIdzlyf33pB7dEK5u_NyQdp65O_o02hXs2`
2016-02-29 00:37:27 -05:00
2020-11-16 13:09:15 -05:00
1. Fill in the **Allowed Callback URLs** :
2019-07-11 11:21:26 -04:00
- `http://YOUR_GITLAB_URL/users/auth/auth0/callback` (or)
- `https://YOUR_GITLAB_URL/users/auth/auth0/callback`
2016-02-29 00:37:27 -05:00
2020-11-16 13:09:15 -05:00
1. Fill in the **Allowed Origins (CORS)** :
2019-07-11 11:21:26 -04:00
- `http://YOUR_GITLAB_URL` (or)
- `https://YOUR_GITLAB_URL`
2016-02-29 00:37:27 -05:00
1. On your GitLab server, open the configuration file.
2020-11-16 13:09:15 -05:00
For Omnibus GitLab:
2016-02-29 00:37:27 -05:00
2020-01-30 10:09:15 -05:00
```shell
2019-07-11 11:21:26 -04:00
sudo editor /etc/gitlab/gitlab.rb
```
2016-02-29 00:37:27 -05:00
2019-07-11 11:21:26 -04:00
For installations from source:
2016-02-29 00:37:27 -05:00
2020-01-30 10:09:15 -05:00
```shell
2019-07-11 11:21:26 -04:00
cd /home/git/gitlab
sudo -u git -H editor config/gitlab.yml
```
2016-02-29 00:37:27 -05:00
2021-11-09 13:13:13 -05:00
1. Read [Configure initial settings ](omniauth.md#configure-initial-settings )
2019-02-22 08:17:10 -05:00
for initial settings.
2016-02-29 00:37:27 -05:00
1. Add the provider configuration:
2020-11-16 13:09:15 -05:00
For Omnibus GitLab:
2019-07-11 11:21:26 -04:00
```ruby
gitlab_rails['omniauth_providers'] = [
{
2021-11-19 04:13:48 -05:00
name: "auth0",
# label: "Provider name", # optional label for login button, defaults to "Auth0"
args: {
client_id: "YOUR_AUTH0_CLIENT_ID",
client_secret: "YOUR_AUTH0_CLIENT_SECRET",
domain: "YOUR_AUTH0_DOMAIN",
scope: "openid profile email"
}
2019-07-11 11:21:26 -04:00
}
]
```
For installations from source:
```yaml
- { name: 'auth0',
2021-11-19 04:13:48 -05:00
# label: 'Provider name', # optional label for login button, defaults to "Auth0"
2019-07-11 11:21:26 -04:00
args: {
client_id: 'YOUR_AUTH0_CLIENT_ID',
client_secret: 'YOUR_AUTH0_CLIENT_SECRET',
domain: 'YOUR_AUTH0_DOMAIN',
scope: 'openid profile email' }
}
```
2016-02-29 00:37:27 -05:00
1. Change `YOUR_AUTH0_CLIENT_ID` to the client ID from the Auth0 Console page
2019-02-22 08:17:10 -05:00
from step 5.
2016-02-29 00:37:27 -05:00
1. Change `YOUR_AUTH0_CLIENT_SECRET` to the client secret from the Auth0 Console
2019-02-22 08:17:10 -05:00
page from step 5.
2016-02-29 00:37:27 -05:00
2020-11-16 13:09:15 -05:00
1. Reconfigure or restart GitLab, depending on your installation method:
2016-02-29 00:37:27 -05:00
2020-11-16 13:09:15 -05:00
- *If you installed from Omnibus GitLab,*
[Reconfigure ](../administration/restart_gitlab.md#omnibus-gitlab-reconfigure ) GitLab.
- *If you installed from source,*
[restart GitLab ](../administration/restart_gitlab.md#installations-from-source ).
On the sign-in page there should now be an Auth0 icon below the regular sign-in
2022-05-24 17:09:08 -04:00
form. Select the icon to begin the authentication process. Auth0 asks the
2020-11-16 13:09:15 -05:00
user to sign in and authorize the GitLab application. If the user authenticates
successfully, the user is returned to GitLab and signed in.