Mattermost TE Gitlab auth with Cloudron
-
Hi Folks!
I wonder if anyone of you got Mattermost Team Edition to work with the Cloudron OIDC-Provider. I currently run a setup where I use Keycloak with Mattermost, but I want to replace it with cloudron – Mattermost-Support is currently the only dealstopper.
If I recall right, the issue with using the GitLab auth feature with any other OIDC IdP was that Mattermost Team Edition expects a claim "id", which needs to be an integer and unique to the user – and also be added to the userinfo.
As far as I can see currently, Cloudron does not support such a token and therefore can't be used with Mattermost Team Edition.
I know that Mattermost EE has a more broad support of sign-in methods. However, in these special circumstances, it is not an option because I have a high number of occasional users, which would render using Mattermost EE a financial disaster.
Mabe one of you have some wise thoughts on this. Thank you in advance!
-
Hi Folks!
I wonder if anyone of you got Mattermost Team Edition to work with the Cloudron OIDC-Provider. I currently run a setup where I use Keycloak with Mattermost, but I want to replace it with cloudron – Mattermost-Support is currently the only dealstopper.
If I recall right, the issue with using the GitLab auth feature with any other OIDC IdP was that Mattermost Team Edition expects a claim "id", which needs to be an integer and unique to the user – and also be added to the userinfo.
As far as I can see currently, Cloudron does not support such a token and therefore can't be used with Mattermost Team Edition.
I know that Mattermost EE has a more broad support of sign-in methods. However, in these special circumstances, it is not an option because I have a high number of occasional users, which would render using Mattermost EE a financial disaster.
Mabe one of you have some wise thoughts on this. Thank you in advance!
@im-fabian afaik, the OpenID connect is not available in the free version . See https://mattermost.com/pricing/ .
Can you tell me how you are using Keycloak with Mattermost ? Are you in the Professional or Enterprise plan ?
-
@girish I am on the Team Edition. Indeed OpenID in a restricted manner is available, but it is designed to work with the default gitlab configuration only: https://docs.mattermost.com/onboard/sso-gitlab.html
There is nothing in the license which forbids to use this auth-endpoint for other purposes. Additionally you can change the text and color of the login button via the config.json.A tutorial for keycloak can be found here: https://medium.com/@mrtcve/mattermost-teams-edition-replacing-gitlab-sso-with-keycloak-dabf13ebb99e
-
Hi Folks!
I wonder if anyone of you got Mattermost Team Edition to work with the Cloudron OIDC-Provider. I currently run a setup where I use Keycloak with Mattermost, but I want to replace it with cloudron – Mattermost-Support is currently the only dealstopper.
If I recall right, the issue with using the GitLab auth feature with any other OIDC IdP was that Mattermost Team Edition expects a claim "id", which needs to be an integer and unique to the user – and also be added to the userinfo.
As far as I can see currently, Cloudron does not support such a token and therefore can't be used with Mattermost Team Edition.
I know that Mattermost EE has a more broad support of sign-in methods. However, in these special circumstances, it is not an option because I have a high number of occasional users, which would render using Mattermost EE a financial disaster.
Mabe one of you have some wise thoughts on this. Thank you in advance!
@im-fabian said in Mattermost TE Gitlab auth with Cloudron:
If I recall right, the issue with using the GitLab auth feature with any other OIDC IdP was that Mattermost Team Edition expects a claim "id", which needs to be an integer and unique to the user – and also be added to the userinfo.
I guess this is something we should investigate.... (though Cloudron doesn't really have unique id integer per user)
-
@im-fabian said in Mattermost TE Gitlab auth with Cloudron:
If I recall right, the issue with using the GitLab auth feature with any other OIDC IdP was that Mattermost Team Edition expects a claim "id", which needs to be an integer and unique to the user – and also be added to the userinfo.
I guess this is something we should investigate.... (though Cloudron doesn't really have unique id integer per user)
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login