Signing-in into Mattermost through GitLab doesn't work if Mattermost is behind a reverse proxy and this proxy communicates with HTTP with Mattermost while the user is facing the page with HTTPS (because the proxy support SSL).
1. Run Mattermost behind a reverse proxy,
2. let the proxy communicate with Mattermost via HTTP,
3. configure the proxy to support HTTPS for the user,
4. enable SSO with GitLab,
5. finally: try to log-in
After clicking the SSO button on Mattermost, it will redirect me to GitLab where I have to login-in and authorize the Application to use my account data. After authorizing GitLab should redirect me to Mattermost where I'm logged in now.
After clicking the SSO button GitLab will fail (with the error message: The redirect URI included is not valid.) due to the fact, that the redirect_uri query param doesn't match the provided client_id.
What's the status of this ticket?
I think the original issues were resolved between the time the ticket was opened in Sept 2016, and the time that I tried it in June 2017. I followed the instructions and was able to get it going. The only problems I had were due to user error.
I found that Mattermost is picky about the security certificate. For example, you can't leave the domain blank, (the Common Name when creating the certificate) and it must be signed by a trusted authority (ie, not self-signed)
Thanks – is there anything we need to update in our documentation or otherwise?
Let's resolve this ticket as per Jeff's comments. Looks like there were some commits made to address it:
I don't think we've heard anyone hitting this recently.