Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Mattermost
  3. Mattermost TE Gitlab auth with Cloudron

Mattermost TE Gitlab auth with Cloudron

Scheduled Pinned Locked Moved Mattermost
5 Posts 2 Posters 965 Views 2 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • im-fabianI Offline
    im-fabianI Offline
    im-fabian
    wrote on last edited by girish
    #1

    Hi Folks!

    I wonder if anyone of you got Mattermost Team Edition to work with the Cloudron OIDC-Provider. I currently run a setup where I use Keycloak with Mattermost, but I want to replace it with cloudron – Mattermost-Support is currently the only dealstopper.

    If I recall right, the issue with using the GitLab auth feature with any other OIDC IdP was that Mattermost Team Edition expects a claim "id", which needs to be an integer and unique to the user – and also be added to the userinfo.

    As far as I can see currently, Cloudron does not support such a token and therefore can't be used with Mattermost Team Edition.

    I know that Mattermost EE has a more broad support of sign-in methods. However, in these special circumstances, it is not an option because I have a high number of occasional users, which would render using Mattermost EE a financial disaster.

    Mabe one of you have some wise thoughts on this. Thank you in advance!

    girishG 2 Replies Last reply
    1
    • im-fabianI im-fabian

      Hi Folks!

      I wonder if anyone of you got Mattermost Team Edition to work with the Cloudron OIDC-Provider. I currently run a setup where I use Keycloak with Mattermost, but I want to replace it with cloudron – Mattermost-Support is currently the only dealstopper.

      If I recall right, the issue with using the GitLab auth feature with any other OIDC IdP was that Mattermost Team Edition expects a claim "id", which needs to be an integer and unique to the user – and also be added to the userinfo.

      As far as I can see currently, Cloudron does not support such a token and therefore can't be used with Mattermost Team Edition.

      I know that Mattermost EE has a more broad support of sign-in methods. However, in these special circumstances, it is not an option because I have a high number of occasional users, which would render using Mattermost EE a financial disaster.

      Mabe one of you have some wise thoughts on this. Thank you in advance!

      girishG Do not disturb
      girishG Do not disturb
      girish
      Staff
      wrote on last edited by
      #2

      @im-fabian afaik, the OpenID connect is not available in the free version . See https://mattermost.com/pricing/ .

      Can you tell me how you are using Keycloak with Mattermost ? Are you in the Professional or Enterprise plan ?

      1 Reply Last reply
      0
      • im-fabianI Offline
        im-fabianI Offline
        im-fabian
        wrote on last edited by im-fabian
        #3

        @girish I am on the Team Edition. Indeed OpenID in a restricted manner is available, but it is designed to work with the default gitlab configuration only: https://docs.mattermost.com/onboard/sso-gitlab.html
        There is nothing in the license which forbids to use this auth-endpoint for other purposes. Additionally you can change the text and color of the login button via the config.json.

        A tutorial for keycloak can be found here: https://medium.com/@mrtcve/mattermost-teams-edition-replacing-gitlab-sso-with-keycloak-dabf13ebb99e

        1 Reply Last reply
        1
        • im-fabianI im-fabian

          Hi Folks!

          I wonder if anyone of you got Mattermost Team Edition to work with the Cloudron OIDC-Provider. I currently run a setup where I use Keycloak with Mattermost, but I want to replace it with cloudron – Mattermost-Support is currently the only dealstopper.

          If I recall right, the issue with using the GitLab auth feature with any other OIDC IdP was that Mattermost Team Edition expects a claim "id", which needs to be an integer and unique to the user – and also be added to the userinfo.

          As far as I can see currently, Cloudron does not support such a token and therefore can't be used with Mattermost Team Edition.

          I know that Mattermost EE has a more broad support of sign-in methods. However, in these special circumstances, it is not an option because I have a high number of occasional users, which would render using Mattermost EE a financial disaster.

          Mabe one of you have some wise thoughts on this. Thank you in advance!

          girishG Do not disturb
          girishG Do not disturb
          girish
          Staff
          wrote on last edited by
          #4

          @im-fabian said in Mattermost TE Gitlab auth with Cloudron:

          If I recall right, the issue with using the GitLab auth feature with any other OIDC IdP was that Mattermost Team Edition expects a claim "id", which needs to be an integer and unique to the user – and also be added to the userinfo.

          I guess this is something we should investigate.... (though Cloudron doesn't really have unique id integer per user)

          im-fabianI 1 Reply Last reply
          0
          • girishG girish

            @im-fabian said in Mattermost TE Gitlab auth with Cloudron:

            If I recall right, the issue with using the GitLab auth feature with any other OIDC IdP was that Mattermost Team Edition expects a claim "id", which needs to be an integer and unique to the user – and also be added to the userinfo.

            I guess this is something we should investigate.... (though Cloudron doesn't really have unique id integer per user)

            im-fabianI Offline
            im-fabianI Offline
            im-fabian
            wrote on last edited by
            #5

            @girish that would be great. Could provide Cloudron SSO for Mattermost out of the box.

            For unique integer: We used the field employeenumber in ldap and just let the ldap server count one up per each user added.

            1 Reply Last reply
            0
            Reply
            • Reply as topic
            Log in to reply
            • Oldest to Newest
            • Newest to Oldest
            • Most Votes


            • Login

            • Don't have an account? Register

            • Login or register to search.
            • First post
              Last post
            0
            • Categories
            • Recent
            • Tags
            • Popular
            • Bookmarks
            • Search