this post was submitted on 28 Oct 2023
2 points (100.0% liked)

Self-Hosted Main

502 readers
1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

For Example

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

founded 1 year ago
MODERATORS
communick@selfhosted.forum
2
SSO and IAM for self-hosted gitlab, mattermost, reviewboard (alien.top)
submitted 10 months ago by ww_pt@alien.top to c/main@selfhosted.forum
3 comments fedilink hide all child comments
 

Hey everyone,

Our small company has self-hosted Gitlab, Mattermost and Reviewboard. Currently there are separate logins for all of them. I'm looking for a self-hosted SSO solution that could help my colleagues with user management and also help all of us have less logins to worry about.One think I need is managing which user has access to which application. For example: Only some people should be able to access the Gitlab, but all should be able to access Mattermost.

I've already looked at the options and played with Zitadel and Logto but they don't seem to solve the access issues mentioned above (they have roles, but you can't block access to an application based on them as far as I tried - but please correct me if I'm wrong).

I've also looked at Keycloak and it seems to offer client roles which you can then add to users. I'm just not sure if they can be used for user access.

Did anyone have similar issue? How did/would you solve it?Thank you for your answers.

you are viewing a single comment's thread
view the rest of the comments
[–] indykoning@alien.top 1 points 10 months ago

I know Authentik supports managing access per role, it's how it's meant to be used. https://goauthentik.io/docs/applications#authorization

Seems they have a doc on setting it up with gitlab. https://goauthentik.io/integrations/services/gitlab/