Log in with ZITADEL on Gitlab OmniAuth Provider - Zitadel

import CreateApp from "../application/_application.mdx";

This guide shows how to enable login with ZITADEL on self-hosted Gitlab instances.

It covers how to:

create and configure the application in your ZITADEL project
create and configure the connection in a self-hosted Gitlab instance

Prerequisites:

existing ZITADEL Instance, if not present follow this guide
existing ZITADEL Organization, if not present follow this guide
existing ZITADEL project, if not present follow the first 3 steps here
running Gitlab instance see installation guide

<CreateApp components={props.components} appType="web" authType="code" appName="Gitlab" redirectURI="https://<your_gitlab_url>/users/auth/openid_connect/callback"/>

Gitlab settings

Follow this guide of gitlab to configure the omniauth provider. Here are some example settings with redacted secrets.

Replace the values of the following fields:

args.client_options.identifier with the ClientId generated by ZITADEL
args.client_options.secret with the ClientSecret generated by ZITADEL
args.client_options.redirect_uri with the proper URL to your gitlab instance and callback

ruby

gitlab_rails['omniauth_providers'] = [
  {
    name: "openid_connect",
    label: "ZITADEL",
    icon: "https://${CUSTOM_DOMAIN}/ui/console/assets/icons/favicon-32x32.png",
    args: {
      name: "openid_connect",
      scope: ["openid","profile","email"],
      response_type: "code",
      issuer: "https://${CUSTOM_DOMAIN}",
      discovery: true,
      client_options: {
        identifier: "<CLIENT ID from ZITADEL>",
        secret: "<CLIENT SECRET from ZITADEL>",
        redirect_uri: "https://<YOUR_GITLAB_URL>/users/auth/openid_connect/callback"
      }
    }
  }
]