Gitlab hero border pattern left svg Gitlab hero border pattern right svg

Okta

On this page

What is Okta?

From the Okta website - Okta is the foundation for secure connections between people and technology. It’s a service that gives employees, customers, and partners secure access to the tools they need to do their most important work.

In practice - Okta is an Identity and Single Sign On solution for applications and Cloud entities. It allows GitLab to consolidate authentication and authorisation to Applications we use daily through a single dashboard and ensure a consistent, secure and auditable login experience for all our staff.

How is GitLab using Okta?

GitLab is using Okta for a few key goals :

What are the benefits to me using Okta as a user?

What are the benefits to me as an application administrator to using Okta?

How do I get my Okta account set up?

All GitLab team-members will have an Okta account set up as part of their onboarding process.

Existing Gitlab Team Members will have activation emails sent out in June 2019.

Follow the GitLab Okta Getting Started Guide and FAQs.

We have also prepared Introductory Videos on Okta Setup, Setting up MFA/Yubikeys, Configuring Applications and Dashboard Tips.

We recommend particularly that once your account is set up, you set up an additional MFA factor (either YubiKey or Google Authenticator/TOTP) in case there's an issue with one of your MFA factors.

Setting up my Okta Account requires me to use Okta Verify on my Phone, and I don't like that…

Our Okta implementation defaults to using Okta Verify as the Required MFA factor. Okta Verify is a safe and secure application that allows Push Notifications and One-time tokencodes on your phone to validate your login. It is supported on iPhone, Android and Windows Phones.

For some people, there are issues with installing a verification App on their phone. If there is some reason that this is not appropriate for your geography or other reasons, please submit an issue to Opt Out and we can add you to an authentication group that will make Okta Verify optional. Please note that we still recommend that you set up at least two MFA factors, in case something happens to one of your factors.

Why isn't an Application I need available in Okta?

First up, check against the Okta Application list to see if your application is listed there with a currect status. If you cannot see your Application listed here, create a new application setup issue and fill in as much information as you can.

How do I get my Application set up within Okta?

If you are an Application Owner please submit an new application setup issue on the Okta project page for your application. We will work with you to verify details and provide setup instructions.

Where do I go if I have any questions?