SSO with multiple providers using the same strategy
Audience
As an admin of a GitLab instance, I want to allow users from different communities to log in, so I often need multiple providers running the same type of software as the login options. Alternatively, I run two instances of the same SSO login system with different settings in parallel, to allow users to test the new login system and fall back to the old one if it doesn’t work as expected
Background
This issue is either about missing documentation or functionality.
Say, a GitLab instance admins want to allow users to log in with two different OpenID Connect systems. Or multiple different other GitLab instances: for example, GitLab.com, Freedesktop.org and salsa.debian.org. It is not clear from the documentation whether this is possible at all, but based on my understanding of how Gitlab::Auth::OAuth::Provider
and Gitlab::OmniauthInitializer
work, the name
key is used as a discriminator of both strategy name and the provider name, essentially resulting in one provider per strategy limitation.