Hello there!

Need Help? We are right here!

Support Icon
miniOrange Email Support
success

Thanks for your Enquiry. Our team will soon reach out to you.

If you don't hear from us within 24 hours, please feel free to send a follow-up email to info@xecurify.com

Search Results:

×

GitLab Single Sign-On (SAML SSO)


GitLab SAML Single Sign-On (SSO) solution by miniOrange provides secure Single Sign-On access to GitLab & multiple On-Premise and Cloud Applications using a single set of login credentials. With miniOrange IDP service you can SSO login to multiple applications using a single Gitlab username and password. Gitlab Single Sign-On (SSO) can also be enabled if your users are in any of the third-party Identity Providers and you want your users to log into Gitlab uisng existing IdP credentials, you can easily allow them to SSO into Gitlab in a secure manner.


With miniOrange GitLab SSO, you can:

  • Enable your users to automatically login to GitLab.
  • Have centralized and easy access control of the users.
  • Connect easily with any external identity source like Azure AD, ADFS, Cognito, etc.

Get Free Installation Help


miniOrange offers free help through a consultation call with our System Engineers to Install or Setup GitLab SSO solution in your environment with 30-day free trial.

For this, you need to just send us an email at idpsupport@xecurify.com to book a slot and we'll help you in no time.



Supported SSO Features

miniOrange GitLab SAML integration supports the following features:

  • SP Initiated SSO Login: Users can access their GitLab account via a URL or bookmark. They will automatically be redirected to the miniOrange portal for login. Once they've signed on, they'll be automatically redirected and logged into GitLab.
  • IdP Initiated SSO Login: Users need to login to the miniOrange first , and then click on the GitLab icon on the applications dashboard to access GitLab.(If you have set up any more Identity Sources, you will log in to that platform).
  • JIT Provisioning: Enables the automatic creation of user accounts in GitLab when a person logs in for the first time via Desktop SSO, IDP, or Active Directory (AD) authentication.
  • Single Logout: With this feature, you will be automatically logged out of all the applications that are connected with Identity provider (IdP) when you log out from GitLab org or any other app.
  • Mandate users to Login using SSO: Single Sign-on can make it mandatory for all users to log in using SSO. This will prevent any person from login using any other source and bypassing the login system. No person will be able to have direct login making it a streamline and secure process.

Connect with External Source of Users


miniOrange provides user authentication from various external sources, which can be Directories (like ADFS, Microsoft Active Directory, OpenLDAP, AWS etc), Identity Providers (like Microsoft Entra ID, Okta, AWS), and many more. You can configure your existing directory/user store or add users in miniOrange.



Prerequisites

  • Login into GitLab admin dashboard.
  • Go to Groups >> Your groups.
  • GitLab Single Sign-On (sso) click on Groups then Your groups

  • Click on New group button.
  • GitLab Single Sign-On (sso) Add New group

  • Enter the required group details and then click on Create group.
  • GitLab Single Sign-On (sso) Enter group name and group URL

  • In Groups, select the group name that you created.
  • GitLab Single Sign-On (sso) select your group name

  • In the left menu bar, click on Settings >> SAML SSO.
  • GitLab Single Sign-On (sso) select your group name

  • Under SAML Single Sign On, copy the GitLab metadata URL. This will be required in Step 1 while configuring SSO on the miniOrange dashboard.
  • GitLab Single Sign-On (sso) select your group name

Follow the Step-by-Step Guide given below for Gitlab Single Sign-On (SSO)

1. Configure GitLab in miniOrange

  • Login into miniOrange Admin Console.
  • Go to Apps and click on Add Application button.
  • GitLab Single Sign-On (SSO) add app

  • In Choose Application, select SAML/WS-FED from the application type dropdown.
  • GitLab Single Sign-On (SSO) choose app type

  • Search for GitLab in the list, if you don't find GitLab in the list then, search for custom and you can set up your application in Custom SAML App.
  • GitLab Single Sign-On (SSO) manage apps

  • Now we will upload the metadata URL from the GitLab that you downloaded in Prerequisite using the Import SP Metadata feature.
  • GitLab SSO (Single Sign-On): Upload the SP Metadata URL

  • Enter the App name as GitLab, select the SP Metadata file format and upload the file.
  • Then click on the Import button.
  • All the values will be auto-filled
  • Click on Next to proceed further.
  • In the Attribute Mapping tab configure the following attributes as shown in the image below.
  • GitLab Single Sign-On (sso) Add Attribute

  • To upload respective app logo for a Custom SAML App, click on Upload Logo tab.
  • GitLab Single Sign-On (sso) Upload Logo

  • Click on Save.
  • To get miniOrange metadata details in order to configure GitLab:

  • Go to Apps >> Manage Apps.
  • Search for your app and click on the Select in action menu against your app.
  • Click on the Metadata Option under the Select Dropdown to get the miniOrange Metadata details. You can also click on the Show SSO Link to see the IdP initiated SSO link for GitLab.
  • Go to Metadata link GitLab SAML SSO

  • Here you will see 2 options, if you are setting up miniOrange as IDP copy the metadetails related to miniOrange, if you required to be authenticated via external IDP's (Okta, Azure AD, ADFS, OneLogin, Google Workspace) you can get metadata from the 2nd Section as shown below.
  • GitLab Single Sign-On (sso) Select Metadata details external IDP or miniOrange as IDP

  • Keep SAML Login URL, SAML Logout URL and click on the Download Certificate button to download certificate which you will require in Step 2.
  • GitLab Single Sign-On (SSO) Click on Download Certificate

2. Setting SAML SSO in Gitlab

  • Sign up to GitLab admin console.
  • Navigate to the Settings >> SAML SSO.
  • Scroll down to Configuration and turn on the Enable SAML authentication for this group toggle button.
  • Enter the following values into the fields below:
  • Identity provider single sign on URL You will get IdP Metadata URL from miniOrange dashboard
    Certificate fingerprint The SHA-1 Fingerprint needs to be used in the configuration below.
    GitLab Single Sign-On (SSO) enter the IdP information

  • Click on Save Changes.

3. Test SSO Configuration

Test SSO login to your GitLab account with miniOrange IdP:

    Using SP Initiated Login

    • Go to your GitLab URL, here you will be either asked to enter the username or click on the SSO link which will redirect you to miniOrange IdP Sign On Page.
    • GitLab Single Sign-On (SSO) login

    • Enter your miniOrange login credential and click on Login. You will be automatically logged in to your GitLab account.

    Using IDP Initiated Login

    • Login to miniOrange IdP using your credentials.
    • GitLab Single Sign-On (SSO)

    • On the Dashboard, click on GitLab application which you have added, to verify SSO configuration.
    • GitLab Single Sign-On (SSO) verify configuration


    Not able to configure or test SSO?


    Contact us or email us at idpsupport@xecurify.com and we'll help you setting it up in no time.



External References

Want To Schedule A Demo?

Request a Demo
  



Our Other Identity & Access Management Products