Mattermost, Inc.

How is GitLab SSO configured in GitLab Mattermost?

GitLab SSO for Mattermost alpha (v0.6.0) focused on sign-up and login of user accounts, and was not available for restricting or facilitating team creation (the first screen of the Mattermost experience).

Based on feedback from the GitLab community the following features are being developed for the September 4 release of Mattermost v0.7.0, and v0.7.0-rc1 should be available August 31.

The links in the list above lead to tickets in the new Mattermost issue tracker where you can monitor the progress of these changes.

Will this be possible also with a standalone installation of Mattermost? I will like something that allow users of GitLab to access Team in Mattermost and have a control of that

hi @cifvts, yes, these features will be available in the standalone version of Mattermost as well,

The following steps can be used to configure Mattermost to use GitLab as a single-sign-on (SSO) service in v0.7.0.

  1. Login to your GitLab account and go to the Applications section either in Profile Settings or Admin Area.
  2. Add a new application called “Mattermost” with the following as Redirect URIs:
  1. Submit the application and copy the given Id and Secret into the appropriate SSOSettings fields in config/config.json

  2. Also in config/config.json, set Allow to true for the gitlab section, leave Scope blank and use the following for the endpoints:

  • AuthEndpoint: <your-gitlab-url>/oauth/authorize (example http://localhost:3000/oauth/authorize)
  • TokenEndpoint: <your-gitlab-url>/oauth/token
  • UserApiEndpoint: <your-gitlab-url>/api/v3/user
  1. (Optional) If you would like to force all users to sign-up with GitLab only, in the ServiceSettings section of config/config.json please set AllowEmailSignUp to false.

  2. Restart your Mattermost server to see the changes take effect.