2025-02-23 12:37:00 +01:00 · 2024-10-03 15:12:40 +10:00 · 2024-10-03 15:12:40 +10:00 · 00ab55f2d6
parent 1778eaa380
commit 00ab55f2d6
1 changed files with 12 additions and 2 deletions
--- a/book/src/integrations/oauth2/examples.md
+++ b/book/src/integrations/oauth2/examples.md
@ -78,8 +78,8 @@ To set up a self-managed GitLab instance to authenticate with Kanidm:
    configure the redirect URL, and scope access to the `gitlab_users` group:

    ```sh
-    kanidm system oauth2 create gitlab GitLab https://gitlab.example.com
-    kanidm system oauth2 add-redirect-url gitlab https://gitlab.example.com/users/auth/oauth2_generic/callback
+    kanidm system oauth2 create gitlab GitLab https://gitlab.example.com/users/sign_in
+    kanidm system oauth2 add-redirect-url gitlab https://gitlab.example.com/users/auth/openid_connect/callback
    kanidm system oauth2 update-scope-map gitlab gitlab_users email openid profile groups
    ```

@ -156,6 +156,16 @@ To set up a self-managed GitLab instance to authenticate with Kanidm:
 Once GitLab is up and running, you should now see a "Kanidm" option on your
 GitLab sign-in page below the normal login form.

+Once you've got everything working, you may wish configure GitLab to:
+
+*   [Automatically redirect to the `openid_connect` provider at the login form](https://docs.gitlab.com/ee/integration/omniauth.html#sign-in-with-a-provider-automatically)
+
+*   [Disable password authentication in GitLab](https://docs.gitlab.com/ee/administration/settings/sign_in_restrictions.html#password-authentication-enabled)
+
+*   [Disable new sign-ups in GitLab](https://docs.gitlab.com/ee/administration/settings/sign_up_restrictions.html)
+
+More information about these features is available in GitLab's documentation.
+
 ## JetBrains Hub and YouTrack

 > These instructions were tested with the on-prem version of JetBrains YouTrack