Configuring SSO

These examples assume you are self-hosting Pipekit on the subdomain pipekit.example.com. Replace this with your actual domain.

GitLab

1. Go to your GitLab group settings and click on "Applications"

2. Click on "New Application"

3. Fill in the details:

   • Name: [Choose a unique App name]

   • Redirect URI: https://pipekit.example.com/api/id/v1/sso/gitlab/callback

   • Tick "Confidential"

   • Scopes:

     • read_user

     • openid

     • profile

     • email

4. Click "Save application"

5. Note down the Application ID and Secret and pass them to the Helm Chart Values to configure Pipekit.

Microsoft (Azure AD/Entra)

1. Create a new app registration in your Azure AD tenant.

2. Fill in the details:

   • Name: [Choose a unique App name]

   • Supported account types: Choose the account types you want to support.

   • Redirect URI:

     • Platform: Web

     • https://pipekit.example.com/api/id/v1/sso/microsoft/callback

3. After creating the app, create a Client Secret and note it down.

4. Then add the following API permissions:

   • Microsoft Graph:

     • email

     • openid

     • profile

     • User.Read

5. Note the Application (client) ID and pass it along with the Client Secret to the Helm Chart Values to configure Pipekit.