Commit 9fdcdea8 authored by Wojciech Pater's avatar Wojciech Pater Committed by Mike Jang

Update Cognito docs - empty `extern_uid`

parent cb75f697
...@@ -26,7 +26,7 @@ The following steps enable AWS Cognito as an authentication provider: ...@@ -26,7 +26,7 @@ The following steps enable AWS Cognito as an authentication provider:
- **Callback URL** - `https://gitlab.example.com/users/auth/cognito/callback` - **Callback URL** - `https://gitlab.example.com/users/auth/cognito/callback`
- Substitute the URL of your GitLab instance for `gitlab.example.com` - Substitute the URL of your GitLab instance for `gitlab.example.com`
- **Allowed OAuth Flows** - Authorization code grant - **Allowed OAuth Flows** - Authorization code grant
- **Allowed OAuth Scopes** - `email` and `openid` - **Allowed OAuth2 Scopes** - `email`, `openid`, and `profile`
1. Save changes for the app client settings. 1. Save changes for the app client settings.
1. Under **Domain name** include the AWS domain name for your AWS Cognito application. 1. Under **Domain name** include the AWS domain name for your AWS Cognito application.
...@@ -54,15 +54,17 @@ Include the code block in the `/etc/gitlab/gitlab.rb` file: ...@@ -54,15 +54,17 @@ Include the code block in the `/etc/gitlab/gitlab.rb` file:
"app_id" => "CLIENT ID", "app_id" => "CLIENT ID",
"app_secret" => "CLIENT SECRET", "app_secret" => "CLIENT SECRET",
"args" => { "args" => {
"scope" => "openid profile email",
client_options: { client_options: {
'site' => 'https://your_domain.auth.your_region.amazoncognito.com', 'site' => 'https://your_domain.auth.your_region.amazoncognito.com',
'authorize_url' => '/login', 'authorize_url' => '/oauth2/authorize',
'token_url' => '/oauth2/token', 'token_url' => '/oauth2/token',
'user_info_url' => '/oauth2/userInfo' 'user_info_url' => '/oauth2/userInfo'
}, },
user_response_structure: { user_response_structure: {
root_path: [], root_path: [],
attributes: { nickname: 'email'} id_path: ['sub'],
attributes: { nickname: 'email', name: 'email', email: 'email' }
}, },
name: 'cognito', name: 'cognito',
strategy_class: "OmniAuth::Strategies::OAuth2Generic" strategy_class: "OmniAuth::Strategies::OAuth2Generic"
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment