Skip to content

[VS Code] Spike: Single GitLab account per window and use AuthenticationProvider

TL;DR We'll only allow one active account per VS Code window, and we'll rely more on VS Code API to manage authentication. That will result in simpler UX and make it easier to see if something is wrong with the account.

Problem

Currently, we have custom logic for managing accounts. There are several issues with our approach:

  • It's too flexible - we allow multiple accounts to be used within the same window - this makes reasoning about the extension hard for both developers and users

  • Inconsistency: Only OAuth accounts (already using AuthenticationProvider) are shown in the list of VS Code Accounts

    image

  • Reduced compatibility with WebIDE - WebIDE relies on AuthenticationProvider to create authenticated sessions for the GitLab instance.

  • Difficulty debugging account issues - When multiple accounts are used, and one is broken, how can we show it to the user? Right now, we ignore it (and recently, we added an Account Validation command)

Solution

We'll replicate the approach from GitHubAuthenticationProvider which is implemented in the VS Code main codebase. We'll introduce two AuthenticationProviders: GitLab.com and Self Managed.

For any VS Code Window, we'll have only one active account (not multiple like now).

The extension will use gitlab.instanceUrl setting as the indicator of what AuthenticationProvider it should use:

  • https://gitlab.com (default) - We'll use the GitLab.com AuthenticationProvider
  • any other URL - We'll use the Self-managed AuthenticationProvider

Documentation: https://code.visualstudio.com/api/references/vscode-api#AuthenticationProvider

Considerations

  • We must create a migration logic that will make sure that currently working projects will keep working after we move to AuthenticationProviders
    • If people use Self-Managed, we need to extract the URL from their account and set it as the gitlab.instanceUrl setting
  • If people use multiple accounts per VS Code window, we need to ask them to choose one
  • GitLab.com provider supports both OAuth and PAT flow, something that VS Code solves with flows
  • We could easily extend the Self-Managed provider to support OAuth (the user could provide clientId and redirectUri for their OAuth app in their Self-Managed instance)
  • We should introduce some feature that would show account diagnostics (i.e. a way to find out which of your accounts supports a feature)

Result of the spike

This spike will result in POC with a detailed set of estimated issues to migrate the existing multi-account logic to single-account logic.

Edited by Tomas Vik (OOO back on 2026-01-05)