Hi,
I have configured my GitLab instance with omniauth with the azure_oauth2 provider. I want existing users to be bound with azure_oauth2 users if they have the same email, but the email attribute seems not to be reflected in the GitLab users. For example: the user with sid johndoe@foo.com and email jdoe@bar.com is created in GitLab as johndoe, whose email is johndoe@foo.com.
After many attempts and tests I am using this configuration:
gitlab_rails['omniauth_allow_single_sign_on'] = ['azure_oauth2']
gitlab_rails['omniauth_sync_email_from_provider'] = ['azure_oauth2']
gitlab_rails['omniauth_sync_profile_from_provider'] = ['azure_oauth2']
gitlab_rails['omniauth_sync_profile_attributes'] = ['name', 'email', 'location']
#gitlab_rails['omniauth_auto_sign_in_with_provider'] = 'saml'
gitlab_rails['omniauth_block_auto_created_users'] = false
gitlab_rails['omniauth_auto_link_ldap_user'] = true
gitlab_rails['omniauth_auto_link_saml_user'] = true
gitlab_rails['omniauth_auto_link_user'] = ['azure_oauth2']
#gitlab_rails['omniauth_external_providers'] = ['azure_oauth2']
#gitlab_rails['omniauth_allow_bypass_two_factor'] = ['azure_oauth2']
gitlab_rails['omniauth_providers'] = [
  {
    "name" => "azure_oauth2",
    "args" => {
      "client_id" => "*******",
      "client_secret" => "*******",
      "tenant_id" => "******"
    }
  }
]
Since I indicated both email and location as the attributes to synchronize but I am not seeing any of them in the user profile, I suppose that it is the synchronization which is not carried out at all or fails. Unfortunately I am not seeing any clue in the logs.
GitLab version is 13.4.2-ee.
Can anyone help me?
Thanks,
Fabio