Mattermost, Inc.

API authentication when using Gitlab SSO

Hi,

I’ve got Mattermost running as part of a Gitlab installation. Gitlab sign-on is working and is currently the only enabled authentication mechanism for users. Gitlab itself authenticates against another SSO provider used across other applications.

In an effort to automate user onboarding, I’m trying to invite newly created users to join teams in Mattermost.

  1. How should I authenticate to the API server when using Gitlab as SSO?
  2. Any pointers to documentation for inviting/removing users to/from teams would be extremely appreciated.

Hi @mwcoop, this doc might help: https://docs.mattermost.com/deployment/sso-gitlab.html.

Thanks. However, I have Gitlab SSO working. I am now trying to access Mattermost API via the python mattermostdriver project.

Using a personal access token returns a 401 response. This is an old question about the same problem:

https://stackoverflow.com/questions/36650437/using-mattermost-api-via-gitlab-oauth-as-an-end-user-with-username-and-password

Anyway, I’m looking for a way to access API as a user who signs in via Gitlab SSO. Any help is greatly appreciated.

Hi there.

Based on the old article I came across here, it seems that it is not possible to access Mattermost API via Gitlab SSO.

I further came across the article above that you might be interested to check on though it was opened since the last 2 years. Perhaps you would like to revive the topic again?

As I don’t generally want users using email sign-in, can an admin manually create a user? I simply need a single admin user account with API access.

Hello, @mwcoop

By default, admin(s) who have backend access to the Mattermost server can utilize the mattermost user create CLI command to create user or use the standard methods to invite users to the team or even create users using the API if you prefer too.

However, you mentioned that you do not want users using email sign in. So, I am not quite sure how to go about this.