Use Facebook as an OAuth 2.0 authentication provider

DETAILS: Tier: Free, Premium, Ultimate Offering: Self-managed

You can use the Facebook OmniAuth provider to authenticate users with their Facebook account.

To enable the Facebook OmniAuth provider, you must:

• Register your application with Facebook. Facebook generates an app ID and a secret key for you to use.
• Configure the GitLab server.

Register your application with Facebook

1. Sign in to your Facebook developer account.

2. Go to My Apps > Create App, then complete the following steps:

   1. Enter a descriptive name for your app. For example: <your_organization's> GitLab or <your_name's> GitLab.

   2. Select Create New Facebook App ID.

   3. Select a Category. For example Productivity.

   4. Select Create App ID.

   5. At the bottom of the page, enter the address of your GitLab installation.

      

   6. Select Next.

3. In the upper-right corner, select Skip Quick Start.

4. From the menu on the left, select Settings, then complete the following:

   1. Enter a contact email for your app.

      

   2. Select Save Changes.

5. From the menu on the left, select Status & Review, then complete the following:

   1. Change the switch on the right from No to Yes.

   2. When prompted to make the app public, select Confirm.

6. From the menu on the left, select Dashboard, then complete the following:

   1. Next to the hidden App Secret, select Show.

   2. Copy the App ID and App Secret. Keep this page open as you continue configuration.

      

Configure the GitLab server

1. On your GitLab server, open the configuration file:

   ::Tabs

   :::TabTitle Linux package installations

   sudo editor /etc/gitlab/gitlab.rb

   :::TabTitle Self-compiled installations

   cd /home/git/gitlab
   
   sudo -u git -H editor config/gitlab.yml

   ::EndTabs

2. Configure the common settings to add facebook as a single sign-on provider. This enables Just-In-Time account provisioning for users who do not have an existing GitLab account.

3. Add the provider configuration:

   ::Tabs

   :::TabTitle Linux package installations

   gitlab_rails['omniauth_providers'] = [
     {
       name: "facebook",
       # label: "Provider name", # optional label for login button, defaults to "Facebook"
       app_id: "YOUR_APP_ID",
       app_secret: "YOUR_APP_SECRET"
     }
   ]

   :::TabTitle Self-compiled installations

   - { name: 'facebook',
       # label: 'Provider name', # optional label for login button, defaults to "Facebook"
       app_id: 'YOUR_APP_ID',
       app_secret: 'YOUR_APP_SECRET' }

   ::EndTabs

4. In the provide configuration, paste the following values:

   1. YOUR_APP_ID: The App ID you copied in the previous step.

   2. YOUR_APP_SECRET: The App Secret you copied in the previous step.

5. Save the configuration file.

6. For the changes to take effect:

   • If you installed using the Linux package, reconfigure GitLab.
   • If you self-compiled your installation, restart GitLab.

On the sign in page, a Facebook icon should now appear below the sign-in fields. The user can select the icon to sign in.