Hey all,
We have set up a self-hosted GitLab instance for our school that performs authentication using the Shibboleth SSO linked to the backend of our internal infrastructure. Therefore, our students and staff use the authentication system of the school to validate their identity and access the GitLab Web UI and it doesn’t have a dedicated login page with credentials, it was disabled to perform automatic sign-in with Shibboleth.
In the context of new-coming students, we would like to design a system linked to a Node API (part of our app to manage school applications) to :
1 - Create new user accounts using the GitLab API (since there is no public sign-up option on our instance Web UI)
2 - Have a Node app front-end show a clickable button/link to generate an authentication token to somehow login the user automatically to the GitLab Web UI (different from a token used with the GitLab API)
3 - Alternatively (or in addition), design a custom login page separated from the default Shibboleth authentication already present in our instance settings to avoid losing the automatic OAuth2 authentication (that’s why we can’t use the default GitLab login page since it needs user action and clicking on the Shibboleth method button), and have students use that instead when they were sent credentials by us (or, even better, have them perform authentication from our Node app directly similar to how LDAP works)
Despite having done some research, we weren’t able to find a solution for steps 2 and 3. Does anyone have an idea of how we could achieve that ?
Thank you in advance for your time.