Authentication and authorization

GitLab uses authentication and authorization to protect your resources without limiting collaboration.

Authentication verifies who you are using methods such as passwords, two-factor authentication, SSH keys, access tokens, and external identity providers like SAML and OAuth. Authorization determines what you can do with roles and granular permissions to control access to groups, projects, and resources. Together, these systems create a security framework that scales from individual users to enterprise organizations.

Understanding the GitLab security model helps you implement access controls that balance security requirements with operational efficiency.

User identity

Authentication methods such as LDAP, OmniAuth, SAML, SCIM, OIDC, and OAuth

User authentication

Passwords, two-factor authentication, SSH keys, access tokens, credentials inventory.

User permissions

User types, roles, permissions, membership, custom roles, and access controls.

Authentication and authorization best practices

Security recommendations and best practices for authentication, authorization, and access management.

Authentication and authorization glossary

Authentication, authorization, permissions, roles, and access control terminology.