Introduce a mechanism to have public OAuth clients across GitLab installations

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

While creating tools for Gitlab which are supposed to work across the GitLab installations, having a common OAuth Id will help the tools to switch between GitLab instances just using the instance URL.

Use cases include

• Gitlab CLI
• Gitlab IDE plugins
• Git Credential manager #374172

Alternatives

• Create a metadata endpoint which tools can use to fetch the OAuth id for the given public application
• Not standard compliant, and cause extra work for clients

Aspects to consider

From ~"group::authentication and authorization"

• Is this a secure way to authenticate?
• Should we have some kind of mechanism to avoid these default OAuth applications getting deleted by mistake?

From groupdistribution

• Is this a feasible method in all our active channels of distribution?