Configure Profile Visibility to Require Authentication on Self-Hosted GitLab Instances

Description

Currently, on self-hosted GitLab instances, unauthenticated users can visit profile URLs (e.g., https://instance/profile.name) and view personally identifiable information (PII) for users. This can lead to potential privacy concerns.

The customer would like a feature that allows instance administrators to configure profile visibility settings so that users must be authenticated before they can view profile details. This enhancement will provide better control over user privacy and ensure that sensitive information is not exposed to unauthenticated users.

Proposal:

• Add a configuration option in the GitLab instance settings that allows administrators to require authentication for viewing user profiles.
• Provide a toggle to enable or disable this feature, giving administrators flexibility based on their security and privacy requirements.

Benefits:

• Enhanced privacy and security for user profiles on self-hosted GitLab instances.
• Greater control for administrators over who can access PII data.
• Reduced risk of exposing sensitive user information to unauthorized individuals.

Additional Information:

If more details or examples are required, please let us know. This enhancement will significantly improve the privacy and security of user data on self-hosted GitLab instances.