OpenID Connect Single Sign-On

Mattermost provides support for GitLab, Google Apps, and Office 365, as well as other OpenID Connect applications as a Single Sign-on (SSO) service for team creation, account creation, and user sign-in.

Follow these steps to configure a service provider using OpenID Connect.

Step 1: Create an OpenID Connect Application

  1. Follow service provider documentation for creating an OpenID Connect application. Most OpenID Connect service providers require authorization of all redirect URIs.
  2. In the appropriate field, enter {your-mattermost-url}/signup/openid/complete For example: http://domain.com/signup/openid/complete
  3. Copy and paste values for the Discovery Endpoint, Client ID, and Client Secret values to a temporary location. You will enter these values when you configure Mattermost.

Step 2: Configure Mattermost for an OpenID Connect SSO

  1. Log in to Mattermost, then go to System Console > Authentication > OpenID Connect.
  2. Select OpenID Connect (Other) as the service provider.
  3. Enter the Discovery Endpoint.
  4. Enter the Client ID.
  5. Enter the Client Secret.
  6. Specify a Button Name and Button Color for the OpenID Connect option on the Mattermost login page.
  7. Select Save.
  8. Restart your Mattermost server to see the changes take effect.
  Options 
Contribute
Report a Problem
Edit on GitHub