2 min read
Nextcloud Social Login with Gitlab
This example shows one way to configure GitLab as an OpenID Connect (OIDC) identity provider, so that only members a specific GitLab group are allowed to login.
In the example, the GitLab group is named
hfmts and the Nextcloud server is
To make the login work with GitLab we need a GitLab application and a group. The GitLab application represents our Nextcloud application.
Open https://gitlab.com/oauth/applications and create a new application with these values:
Name of Nextcloud
Condential: [ ]
Save the Application ID and the Secret to a notepad. We need it later.
Next create the GitLab group at https://gitlab.com/groups/new. Enter a valid name and also not the generated url path. This will be the group name that is referenced in the Nextcloud integration.
Setup Social Login
As we have our GitLab application and group, we are ready to setup the login integration in Nextcloud.
Open social login settings at https://nextcloud.example.com/settings/admin/sociallogin. Ensure the options are checked as follow:
This will ensure that user data is always up-to-date and only members of the GitLab group are allowed to login.
Next create a new Custom OpenID Connect entry by clicking on the
+ next to it. Set these values
User info URL:
Copy from notepad
Copy from notepad
On the left of the Group mapping option is the displayname of the GitLab group and on the right is the selected Nextcloud group. Create a separate Nextcloud group if not already done.
Click Save on the bottom of the settings page.
Test the login
To test the login integration proceed as followed:
- Log out of Nextcloud
- Click Log in with GitLab
Your are redirectred to GitLab.
- Sign into GitLab
- Authorize the application
You are redirected back to Nextcloud and are logged in.
Any group shares can be accessed immediately. This is a great way to work with external users which do not want have another account.Categories: Identity and Access Management
Tags: gitlab , nextcloud , openid connect
Improve this page
Show statistic for this page