Starting 15.2.0 GoCD Server will expose authentication end-point. What this means is GoCD users can add "custom" authentication schemes through plugins. With plugin settings & web request handling ability plugin developers get enough flexibility to write any authentication plugin they intend to write.

Examples of integrations possible:

  • OAuth Login - GitHub, Google, Hotmail, Yahoo! etc.
  • Single Sign-on (SSO) - LDAP, Okta etc.
  • 2-factor authentication - SMS verification etc.
  • Custom username & password authentication

How does it work?

Below is an explanation of how GitHub OAuth Login plugin works.

  • Generate OAuth token on GitHub.
Generate oauth token on Git Hub
Figure 1: Generate oauth token (Click to enlarge)
  • On plugin listing page users will see a gear icon (similar to one on the pipeline dashboard).
Plugin listing with gear icon
Figure 1: Plugin listing with gear icon (Click to enlarge)
  • Clicking on the gear icon opens a pop-up that renders "Plugin Settings".
Configure plugin pop-up
Figure 2: Configure plugin pop-up (Click to enlarge)
  • Login Page
Login Page with Git Hub icon
Figure 3: Login Page with GitHub icon (Click to enlarge)
  • Click on GitHub icon
Authorize Go CD Server to access Git Hub
Figure 3: Authorize GoCD Server to access GitHub (Click to enlarge)
  • Successful login
Pipeline View on successful login
Figure 3: On successful login (Click to enlarge)
  • Ability to Search & Add users
 Search User screen
Figure 3: Search User (Click to enlarge)

We hope plugin developers are able to use this feature to support their organizations authentication mechanism.

References:


As always, GoCD questions can be asked on the mailing list.