Skip to content

Update GitHub OAuth / OmniAuth Config Process

Mike Jang requested to merge update-github-oauth-doc into master

What does this MR do?

Most of the OmniAuth docs for "Supported Providers" are out of date, and beyond our control.

These docs, as currently written, are problematic, as they go out of date whenever the noted third party changes their OAuth authentication process.

We've run into and have fixed a similar problem with our Group SAML docs, as noted by @cynthia .

my strategy with this is to provide a checklist and a link. IOW, to set up OAuth, you'll need some list of info, read and [link to these third-party docs], and then incorporate [some list] into gitlab.rb or gitlab.yml.

Does this MR meet the acceptance criteria?

Conformity

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team
Edited by 🤖 GitLab Bot 🤖

Merge request reports