Mattermost Peer-to-Peer Forum

GitLab SSO login throught NAT gateway



The error “The redirect URI included is not valid.” when connecting to mattermost with gitlab.

Steps to reproduce

Version of gitlab and mattermost : Latest (updated today)

Gitlab and Mattermost are booth installed on separate servers on a platform but are still in the same local subnet.
They are behind a nat gateway that redirect ports for usage outside the this platform.
Mattermost site url is: http://“local IP”:8065 but is fine being called by http://“nat IP”:8065
On mattermost, gitlab site url is:
http://“gitlab nat ip”
As the configuration is made on the interface the userAPI endpoint, Auth Endpoint and token Endpoint are autofilled so I assume they are corrects.

On Gitlab the mattermost module is configured with the following urls :
http://“mattermost nat ip”:8065/login/gitlab/complete
http://“mattermost nat ip”:8065/signup/gitlab/complete

I tried to do it locally using only the local IP for gitlab site url and the callback urls and it worked fine, so I’m pretty sure this is a problem with the nat gateway, but I have no clue why.

I did found many other issues about this problem, but in none of them a nat gateway was involved.

Expected behavior

Being loggued into mattermost using gitlab sso

Observed behavior

I am redirected to gitlab in which I can sucessfully log in, but then this error is displayed by gitlab :


Hi @Junn-Sorran,

Wondering if any of these previous threads might help: