Apicurio-studio: Failed to link user to self-hosted gitlab user.

Created on 4 Jun 2020  ·  4Comments  ·  Source: Apicurio/apicurio-studio

Hi,

I followed the following documentation to set up an environment with self-hosted gitlab
https://apicurio-studio.readme.io/v0.2.15/docs/using-a-local-installation-of-gitlab

I failed to link a user with self-hosted gitlab user, it gave the following error:

Account linking has failed because no Identity Provider for accounts of type GitLab has been configured. Please contact your system administrator to resolve this configuration problem.

the error message complained missing of identity provider with the type GitLab, but it should be the type OpenID Connect v1.0 in the documentation, I'v already configured it successfully.

Configuration steps are as follows:

  1. configured keycloak to add a provider of type OpenID Connect v1.0, it worked, I can sign in with this provider on apicurio main login portal successfully(it redirected requests to my local gitlab and asked for user's consent)
  2. configured Apicurio for use with a my local GitLab installation using system properties.
/opt/apicurio-studio-0.2.46.Final/bin/standalone.sh \
-c standalone-apicurio.xml \
-Djboss.socket.binding.port-offset=100 -b 0.0.0.0 \
-Dapicurio.hub.gitlab.api=https://git.labs.hosting.xxx.com \
-Dapicurio.hub.gitlab.url=https://git.labs.hosting.xxx.com

What configuration do I miss or do I have any wrong configuration?

Anyone can help me?

Thanks.

question
Source
picture jinlxz

All 4 comments

A few questions.

1) What version of Keycloak are you using?

2) Did you set the Alias and Display Name to gitlab and GitLab respectively?

In particular Apicurio Studio requires that the identity provider you set up in KC has an alias of gitlab - if that is different then account linking will not work.

Another thing that I highly recommend is this:

https://github.com/Apicurio/apicurio-keycloak-extensions

We have created Keycloak extensions for the GitHub and GitLab identity providers that work much better than the standard OpenID Connect one. Your mileage may vary with these extensions depending on what version of Keycloak you are using. But I would be happy to help you get them working if I can.

EricWittmann picture EricWittmann on 4 Jun 2020

Hi @EricWittmann ,

Thanks for your quick response.

  1. I am using the latest version of Keycloak, 10.0.2
  2. you are correct, I modified the field Alias and Display Name, I will correct them and try it again, let you know if it works.

I think I should take your recommendation as there are some unresolved issues with the OpenID Connect v1.0 IDP in the issue Issue-711

jinlxz picture jinlxz on 4 Jun 2020
👍1

Hi @EricWittmann

It works after I create new IDP with the the fields Alias and Display Name setting to correct values.

I am trying apicurio-keycloak-extensions now.

jinlxz picture jinlxz on 5 Jun 2020
👍1

OK great thanks for coming back and confirming that. I hope the extensions thing goes well - those are not really well tested and have never been installed on KC 10 afaik. However, I think they should still work. If not please open a new GH issue and I'll take a look.

EricWittmann picture EricWittmann on 5 Jun 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

ceefour picture ceefour  ·  5Comments
zigouras picture zigouras  ·  7Comments
jsenko picture jsenko  ·  6Comments
Nicnl picture Nicnl  ·  5Comments
bodograumann picture bodograumann  ·  3Comments