SAML SSO authentication for GitLab.com groups
Similary to #461385, user must be able to login via Group SAML SSO. The callback URL does contain the root group path as https://gitlab.com/groups/GROUP-PATH/-/saml/callback
, so the router should be able to route the request to the owning cell.
An important prerequisite from the Topology Service is to ensure the uniqueness of namespace paths across the cluster.
An alternative approach could be to generate SSO related URLs on SAML Single Sign On Settings
page with organization
param:
SAML: https://<GITLAB_DOMAIN>/groups/GROUP-PATH/-/saml/callback would receive ?organization=gitlab-inc
Edited by Imre Farkas