A Concourse server can authenticate against GitLab to leverage their permission model.
First you need to create an OAuth application on GitLab.
The "Authorization callback URL" must be the URL of your Concourse server with
/sky/issuer/callback appended. This address must be reachable by GitLab - it can't be
For example, Concourse's own CI server's callback URL would be:
You will be given a Client ID and a Client Secret for your new application. The client ID and secret must then be configured on the
web node by setting the following env:
If you're configuring a self hosted GitLab instance, you'll also need to set the following flag:
The GitLab host must contain a scheme and not a trailing slash.