GitLab Authentication

Link a GitLab account to a Kanboard user profile.

Author

• Frédéric Guillot
• License MIT

Requirements

• Kanboard >= 1.0.37
• Account on GitLab.com or you own self-hosted GitLab instance
• Have Kanboard registered as application in GitLab (Settings > Applications)
• Kanboard application URL is defined properly

Installation

You have the choice between 3 methods:

1. Install the plugin from the Kanboard plugin manager in one click
2. Download the zip file and decompress everything under the directory plugins/GitlabAuth
3. Clone this repository into the folder plugins/GitlabAuth

Note: Plugin folder is case-sensitive.

Documentation

How does this work?

The GitLab authentication in Kanboard uses the OAuth 2.0 protocol, so any user of Kanboard can be linked to a GitLab account.

That means you can use your GitLab account to login on Kanboard.

Installation instructions

Setting up OAuth 2.0

• On GitLab, register a new application by following the official documentation
• In Kanboard, you can get the callback url in Settings > Integrations > GitLab Authentication, just copy and paste the url

Setting up Kanboard

1. The easiest way is to copy and paste the GitLab OAuth2 credentials in the form Settings > Integrations > GitLab Authentication.
2. Or add the credentials in your custom config file

If you use the second method, use these parameters in your config.php:

// GitLab application id
define('GITLAB_CLIENT_ID', 'YOUR_APPLICATION_ID');

// GitLab application secret
define('GITLAB_CLIENT_SECRET', 'YOUR_APPLICATION_SECRET');

Custom endpoints for self-hosted GitLab

Change the default values if you use a self-hosted instance of GitLab:

• GitLab Authorize URL: http://YOUR_GITLAB_HOSTNAME:CUSTOM_PORT/oauth/authorize (example: http://192.168.99.100:8080/oauth/authorize)
• GitLab Token URL: http://YOUR_GITLAB_HOSTNAME:CUSTOM_PORT/oauth/token
• GitLab API URL: http://YOUR_GITLAB_HOSTNAME:CUSTOM_PORT/api/v3/ (don't forget the trailing slash)

How to link an existing GitLab account

1. Go to your user profile
2. Click on External accounts
3. Click on the link Link my GitLab Account
4. You are redirected to the GitLab authorization form
5. Authorize Kanboard by clicking on the button Accept
6. Your account is now linked

Now, on the login page you can be authenticated in one click with the link Login with my GitLab Account.

Your name and email are automatically updated from your GitLab Account if defined.

How to create automatically users during the first login

1. On the settings page, check the box Allow Account Creation
2. If you would like to apply a restriction based on the email domain name enter the correct value in the second field

New users will have the same username as the one in GitLab and they will be tagged as remote user.

Important Note: If you use the public GitLab and don't apply any domain restriction, everybody in the world will be able to sign in.

Notes

Kanboard uses these information from your GitLab profile:

• Username
• Full name
• Email address
• GitLab unique id

The GitLab unique id is used to link the local user account and the GitLab account.

Known issues

GitLab OAuth will work only with url rewrite enabled. At the moment, GitLab doesn't support callback url with query string parameters. See GitLab issue.