Configuring JWT to access GitLab via API

Hello,

I’m currently trying to curl some requests to gitlab-ee with a JWT header generated through Azure AD, but I’m only able to get a 401 Unauthorized.

The more I try, the more I wonder if this is even possible.

My gitlab.rb configuration:

### OmniAuth Settings
###! Docs: https://docs.gitlab.com/ce/integration/omniauth.html
gitlab_rails['omniauth_enabled'] = true
gitlab_rails['omniauth_allow_single_sign_on'] = ['saml','azure_oauth2','jwt']
# gitlab_rails['omniauth_sync_email_from_provider'] = 'saml'
# gitlab_rails['omniauth_sync_profile_from_provider'] = ['saml']
# gitlab_rails['omniauth_sync_profile_attributes'] = ['email']
# gitlab_rails['omniauth_auto_sign_in_with_provider'] = 'azure_oauth2'
# gitlab_rails['omniauth_block_auto_created_users'] = true
# gitlab_rails['omniauth_auto_link_ldap_user'] = true
# gitlab_rails['omniauth_auto_link_saml_user'] = false
gitlab_rails['omniauth_external_providers'] = ['azure_oauth2','jwt']
gitlab_rails['omniauth_providers'] = [
    {
      "name" => "azure_oauth2",
      "args" => {
        "client_id" => "my_secret_client_id",
        "client_secret" => "my_secret_password",
        "tenant_id" => "my_secret_tenant",
      }
    },
    {
      "name": 'jwt',
      "args": {
        "secret": 'my_secret_password',
        "algorithm": 'HS256', # Supported algorithms: 'RS256', 'RS384', 'RS512', 'ES256', 'ES384', 'ES512', 'HS256', 'HS384', 'HS512'
        "uid_claim": 'email',
        "required_claims": ['name', 'email'],
        "info_maps": { "name": 'name', "email": 'email' },
        "auth_url": 'https://login.microsoftonline.com/my_secret_tenant/oauth2/v2.0/authorize',
        "valid_within": 3600 # 1 hour
      }
    }
  ]

The authentication through Azure via the login UI is working fine.

Did you ever manage to get this working? I’m in the same situation.
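An added example, not part of the thread and not GitLab's own code: a stand-alone Ruby check that applies the settings from the `jwt` provider args in the first post (HS256 shared secret, required `name` and `email` claims, `valid_within` of 3600 seconds) to a token and names the first check it fails. The secret, the sample tokens and all helper names are constructed, and treating `valid_within` as a window around the `iat` claim is an assumption.

```ruby
require 'json'
require 'openssl'

# Mirrors the 'jwt' args in the gitlab.rb above; the secret is a constructed sample.
JWT_ARGS = { secret: 'constructed-sample-secret', algorithm: 'HS256',
             required_claims: %w[name email], valid_within: 3600 }.freeze

def b64url_encode(bin)
  [bin].pack('m0').tr('+/', '-_').delete('=')
end

def b64url_decode(str)
  # Restore the padding JWTs strip; strict decoding raises ArgumentError on junk.
  (str.tr('-_', '+/') + '=' * ((4 - str.length % 4) % 4)).unpack1('m0')
end

def decode_json(part)
  obj = JSON.parse(b64url_decode(part).force_encoding('UTF-8'))
  raise ArgumentError, 'JWT segment is not a JSON object' unless obj.is_a?(Hash)
  obj
end

# Hypothetical helper: signs claims with HS256 so the checker can be exercised offline.
def sign_hs256(claims, secret)
  input = [{ alg: 'HS256', typ: 'JWT' }, claims].map { |p| b64url_encode(JSON.generate(p)) }.join('.')
  "#{input}.#{b64url_encode(OpenSSL::HMAC.digest('SHA256', secret, input))}"
end

# Returns :ok, or a symbol naming the first check the token fails.
def check_token(token, args = JWT_ARGS, now = Time.now.to_i)
  return :malformed unless token.count('.') == 2
  head, body, sig = token.split('.', -1)
  return :algorithm_mismatch unless decode_json(head)['alg'] == args[:algorithm]
  expected = OpenSSL::HMAC.digest('SHA256', args[:secret], "#{head}.#{body}")
  return :bad_signature unless OpenSSL.secure_compare(expected, b64url_decode(sig))
  claims = decode_json(body)
  return :missing_claim unless args[:required_claims].all? { |c| claims.key?(c) }
  iat = claims['iat']
  # Assumption: valid_within is measured against the token's iat claim.
  return :outside_valid_within unless iat.is_a?(Numeric) && (now - iat).abs <= args[:valid_within]
  :ok
rescue ArgumentError, JSON::ParserError
  :malformed
end

# Constructed sample tokens.
NOW = 1_700_000_000
GOOD_TOKEN = sign_hs256({ name: 'Sample User', email: 'user@example.com', iat: NOW }, JWT_ARGS[:secret])
# An RS256 header (the algorithm Azure AD signs with) and a placeholder signature.
RS256_TOKEN = [b64url_encode('{"alg":"RS256","typ":"JWT"}'), GOOD_TOKEN.split('.')[1], 'c2ln'].join('.')
```

Calling `check_token` on a real token with the configured secret shows whether it fails on the algorithm, the signature, the required claims or the time window before any request is sent.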