Auth

Login with GitLab

To enable GitLab Auth for your project, you need to set up a GitLab OAuth application and add the application credentials to your Supabase Dashboard.

Overview

Setting up GitLab logins for your application consists of 3 parts:

Access your GitLab account

  • Go to gitlab.com.
  • Click on Login at the top right to log in.

GitLab Developer Portal.

Find your callback URL

The next step requires a callback URL, which looks like this: https://<project-ref>.supabase.co/auth/v1/callback

  • Go to your Supabase Project Dashboard
  • Click on the Authentication icon in the left sidebar
  • Click on Providers under the Configuration section
  • Click on GitLab from the accordion list to expand and you'll find your Redirect URL, you can click Copy to copy it to the clipboard

Create your GitLab application

  • Click on your profile logo (avatar) in the top-right corner.
  • Select Edit profile.
  • In the left sidebar, select Applications.
  • Enter the name of the application.
  • In the Redirect URI box, type the callback URL of your app.
  • Check the box next to Confidential (make sure it is checked).
  • Check the scope named read_user (this is the only required scope).
  • Click Save Application at the bottom.
  • Copy and save your Application ID (client_id) and Secret (client_secret) which you'll need later.

Add your GitLab credentials into your Supabase project

  • Go to your Supabase Project Dashboard
  • In the left sidebar, click the Authentication icon (near the top)
  • Click on Providers under the Configuration section
  • Click on GitLab from the accordion list to expand and turn GitLab Enabled to ON
  • Enter your GitLab Client ID and GitLab Client Secret saved in the previous step
  • Click Save

Add login code to your client app

When your user signs in, call signInWithOAuth() with gitlab as the provider:


_10
async function signInWithGitLab() {
_10
const { data, error } = await supabase.auth.signInWithOAuth({
_10
provider: 'gitlab',
_10
})
_10
}

When your user signs out, call signOut() to remove them from the browser session and any objects from localStorage:


_10
async function signOut() {
_10
const { error } = await supabase.auth.signOut()
_10
}

Resources