Use Atlassian Crowd as an authentication provider

Tier: Free, Premium, Ultimate
Offering: GitLab Self-Managed

Authenticate to GitLab using the Atlassian Crowd OmniAuth provider. Enabling this provider also allows Crowd authentication for Git-over-https requests.

Configure a new Crowd application

Choose ‘Applications’ in the top menu, then ‘Add application’.
Go through the ‘Add application’ steps, entering the appropriate details. The screenshot below shows an example configuration.

Configure GitLab

On your GitLab server, open the configuration file.

Linux package installations:
```
  sudo editor /etc/gitlab/gitlab.rb
```

Self-compiled installations:

  cd /home/git/gitlab

  sudo -u git -H editor config/gitlab.yml

Configure the common settings to add crowd as a single sign-on provider. This enables Just-In-Time account provisioning for users who do not have an existing GitLab account.

Add the provider configuration:

Linux package installations:

  gitlab_rails['omniauth_providers'] = [
    {
      name: "crowd",
      args: {
        crowd_server_url: "CROWD_SERVER_URL",
        application_name: "YOUR_APP_NAME",
        application_password: "YOUR_APP_PASSWORD"
      }
    }
  ]

Self-compiled installations:

   - { name: 'crowd',
       args: {
         crowd_server_url: 'CROWD_SERVER_URL',
         application_name: 'YOUR_APP_NAME',
         application_password: 'YOUR_APP_PASSWORD' } }

Change CROWD_SERVER_URL to the base URL of your Crowd server.
Change YOUR_APP_NAME to the application name from Crowd applications page.
Change YOUR_APP_PASSWORD to the application password you’ve set.
Save the configuration file.
Reconfigure (Linux package installations) or restart (self-compiled installations) for the changes to take effect.

On the sign in page there should now be a Crowd tab in the sign in form.

Troubleshooting

Error: “could not authorize you from Crowd because invalid credentials”

This error sometimes occurs when a user attempts to authenticate with Crowd. The Crowd administrator should consult the Crowd log file to know the exact cause of this error message.

Ensure the Crowd users who must sign in to GitLab are authorized to the application in the Authorization step. This could be verified by trying “Authentication test” for Crowd (as of 2.11).

Docs

Edit this page to fix an error or add an improvement in a merge request.

Create an issue to suggest an improvement to this page.

Product

Create an issue if there's something you don't like about this feature.

Propose functionality by submitting a feature request.

Feature availability and product trials

View pricing to see all GitLab tiers and features, or to upgrade.

Try GitLab for free with access to all features for 30 days.

Get help

If you didn't find what you were looking for, search the docs.

If you want help with something specific and could use community support, post on the GitLab forum.

For problems setting up or using this feature (depending on your GitLab subscription).

Request support