SAML group lock setting only visible if group SAML is enabled
Summary
GitLab 15.10 released SAML group lock, however, the setting in the admin area is only visible if group SAML is enabled. SAML Group links are available to instance level SAML.
- Related issue: Create SAML Group Lock for Self-Managed GitLab (#386390 - closed)
- Related MR: Changes for SAML group lock self-managed (!112950 - merged)
Steps to reproduce
Global SAML group memberships lock
- Configure SAML for your self-managed GitLab instance.
- Ensure group SAML is not enabled
- Navigate to the Admin Area
- On the left sidebar, select
Settings > General
. - Expand the
Visibility and access controls
section. - Observe that
SAML group membership settings
is missing
What is the current bug behavior?
- The
SAML group membership settings
section is missing
What is the expected correct behavior?
- The
SAML group membership settings
section is present
Relevant logs and/or screenshots
Group SAML disabled | Group SAML enabled |
---|---|
![]() |
![]() |
Possible fixes
Modify group_saml_enabled?
to use global_saml_enabled?
or saml_enabled?
instead.
Workarounds
- Use the Application settings API to update the
lock_memberships_to_saml
setting.
Example curl request
curl --location --request PUT 'https://{instance URL}/api/v4/application/settings' \
--header 'Private-token: {TOKEN}' \
--header 'Content-Type: application/json' \
--data '{
"lock_memberships_to_saml": true
}'
Edited by Jiovanni Castillo