Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Mattermost
  3. Mattermost TE Gitlab auth with Cloudron

Mattermost TE Gitlab auth with Cloudron

Scheduled Pinned Locked Moved Mattermost
5 Posts 2 Posters 839 Views 2 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • im-fabianI Offline
    im-fabianI Offline
    im-fabian
    wrote on last edited by girish
    #1

    Hi Folks!

    I wonder if anyone of you got Mattermost Team Edition to work with the Cloudron OIDC-Provider. I currently run a setup where I use Keycloak with Mattermost, but I want to replace it with cloudron – Mattermost-Support is currently the only dealstopper.

    If I recall right, the issue with using the GitLab auth feature with any other OIDC IdP was that Mattermost Team Edition expects a claim "id", which needs to be an integer and unique to the user – and also be added to the userinfo.

    As far as I can see currently, Cloudron does not support such a token and therefore can't be used with Mattermost Team Edition.

    I know that Mattermost EE has a more broad support of sign-in methods. However, in these special circumstances, it is not an option because I have a high number of occasional users, which would render using Mattermost EE a financial disaster.

    Mabe one of you have some wise thoughts on this. Thank you in advance!

    girishG 2 Replies Last reply
    1
    • im-fabianI im-fabian

      Hi Folks!

      I wonder if anyone of you got Mattermost Team Edition to work with the Cloudron OIDC-Provider. I currently run a setup where I use Keycloak with Mattermost, but I want to replace it with cloudron – Mattermost-Support is currently the only dealstopper.

      If I recall right, the issue with using the GitLab auth feature with any other OIDC IdP was that Mattermost Team Edition expects a claim "id", which needs to be an integer and unique to the user – and also be added to the userinfo.

      As far as I can see currently, Cloudron does not support such a token and therefore can't be used with Mattermost Team Edition.

      I know that Mattermost EE has a more broad support of sign-in methods. However, in these special circumstances, it is not an option because I have a high number of occasional users, which would render using Mattermost EE a financial disaster.

      Mabe one of you have some wise thoughts on this. Thank you in advance!

      girishG Offline
      girishG Offline
      girish
      Staff
      wrote on last edited by
      #2

      @im-fabian afaik, the OpenID connect is not available in the free version . See https://mattermost.com/pricing/ .

      Can you tell me how you are using Keycloak with Mattermost ? Are you in the Professional or Enterprise plan ?

      1 Reply Last reply
      0
      • im-fabianI Offline
        im-fabianI Offline
        im-fabian
        wrote on last edited by im-fabian
        #3

        @girish I am on the Team Edition. Indeed OpenID in a restricted manner is available, but it is designed to work with the default gitlab configuration only: https://docs.mattermost.com/onboard/sso-gitlab.html
        There is nothing in the license which forbids to use this auth-endpoint for other purposes. Additionally you can change the text and color of the login button via the config.json.

        A tutorial for keycloak can be found here: https://medium.com/@mrtcve/mattermost-teams-edition-replacing-gitlab-sso-with-keycloak-dabf13ebb99e

        1 Reply Last reply
        1
        • im-fabianI im-fabian

          Hi Folks!

          I wonder if anyone of you got Mattermost Team Edition to work with the Cloudron OIDC-Provider. I currently run a setup where I use Keycloak with Mattermost, but I want to replace it with cloudron – Mattermost-Support is currently the only dealstopper.

          If I recall right, the issue with using the GitLab auth feature with any other OIDC IdP was that Mattermost Team Edition expects a claim "id", which needs to be an integer and unique to the user – and also be added to the userinfo.

          As far as I can see currently, Cloudron does not support such a token and therefore can't be used with Mattermost Team Edition.

          I know that Mattermost EE has a more broad support of sign-in methods. However, in these special circumstances, it is not an option because I have a high number of occasional users, which would render using Mattermost EE a financial disaster.

          Mabe one of you have some wise thoughts on this. Thank you in advance!

          girishG Offline
          girishG Offline
          girish
          Staff
          wrote on last edited by
          #4

          @im-fabian said in Mattermost TE Gitlab auth with Cloudron:

          If I recall right, the issue with using the GitLab auth feature with any other OIDC IdP was that Mattermost Team Edition expects a claim "id", which needs to be an integer and unique to the user – and also be added to the userinfo.

          I guess this is something we should investigate.... (though Cloudron doesn't really have unique id integer per user)

          im-fabianI 1 Reply Last reply
          0
          • girishG girish

            @im-fabian said in Mattermost TE Gitlab auth with Cloudron:

            If I recall right, the issue with using the GitLab auth feature with any other OIDC IdP was that Mattermost Team Edition expects a claim "id", which needs to be an integer and unique to the user – and also be added to the userinfo.

            I guess this is something we should investigate.... (though Cloudron doesn't really have unique id integer per user)

            im-fabianI Offline
            im-fabianI Offline
            im-fabian
            wrote on last edited by
            #5

            @girish that would be great. Could provide Cloudron SSO for Mattermost out of the box.

            For unique integer: We used the field employeenumber in ldap and just let the ldap server count one up per each user added.

            1 Reply Last reply
            0
            Reply
            • Reply as topic
            Log in to reply
            • Oldest to Newest
            • Newest to Oldest
            • Most Votes


            • Login

            • Don't have an account? Register

            • Login or register to search.
            • First post
              Last post
            0
            • Categories
            • Recent
            • Tags
            • Popular
            • Bookmarks
            • Search