gitlab-org--gitlab-foss/doc/administration/auth
2021-05-21 06:11:06 +00:00
..
img Add latest changes from gitlab-org/gitlab@master 2021-03-20 00:09:22 +00:00
ldap Add latest changes from gitlab-org/gitlab@master 2021-05-11 00:10:50 +00:00
atlassian.md Add latest changes from gitlab-org/gitlab@master 2021-05-11 00:10:50 +00:00
authentiq.md Add latest changes from gitlab-org/gitlab@master 2021-05-11 00:10:50 +00:00
cognito.md Add latest changes from gitlab-org/gitlab@master 2021-05-11 00:10:50 +00:00
crowd.md Add latest changes from gitlab-org/gitlab@master 2021-05-11 00:10:50 +00:00
jwt.md Add latest changes from gitlab-org/gitlab@master 2021-05-11 00:10:50 +00:00
oidc.md Add latest changes from gitlab-org/gitlab@master 2021-05-11 00:10:50 +00:00
okta.md Add latest changes from gitlab-org/gitlab@master 2021-05-21 06:11:06 +00:00
README.md Add latest changes from gitlab-org/gitlab@master 2021-05-11 00:10:50 +00:00
smartcard.md Add latest changes from gitlab-org/gitlab@master 2021-04-27 15:09:52 +00:00

comments type stage group info
false index Manage Access To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments

GitLab authentication and authorization (FREE SELF)

GitLab integrates with the following external authentication and authorization providers:

NOTE: UltraAuth has removed their software which supports OmniAuth integration. We have therefore removed all references to UltraAuth integration.

SaaS vs Self-Managed Comparison

The external authentication and authorization providers may support the following capabilities. For more information, see the links shown on this page for each external provider.

Capability SaaS Self-Managed
User Provisioning SCIM
JIT Provisioning
LDAP Sync
User Detail Updating (not group management) Not Available LDAP Sync
Authentication SAML at top-level group (1 provider) LDAP (multiple providers)
Generic OAuth2
SAML (only 1 permitted per unique provider)
Kerberos
JWT
Smartcard
OmniAuth Providers (only 1 permitted per unique provider)
Provider-to-GitLab Role Sync SAML Group Sync LDAP Group Sync
User Removal SCIM (remove user from top-level group) LDAP (Blocking User from Instance)