SSOΒΆ
KeycloakΒΆ
Weβre hosting our own Keycloak as our IAM, while the users are stored in the LDAP.
Note
The deployment, and all documentation for Keycloak can be found in the GitLab SSO project.
LDAPΒΆ
As mentioned in the Keycloak chapter, our users are stored in our own LDAP server.
Note
The deployment, and all documentation for Keycloak can be found in the GitLab LDAP project.
Use the π₯ LDIF user generator to create the LDIF for the LDAP user.
OIDCΒΆ
Whenever possible, weβre using OIDC to connect our services to Keycloak. However, there are also some services which donβt support OIDC. These services will use LDAP instead.