At Agilicus we use OpenID Connect, Single Identity for everything, federated off of our G Suite. And, we also use Gitlab, locked to the same ID. Today I had the situation where a person returned, we had deleted their G Suite (Google) account. So, re-create the Google account, many tools locked onto the user name and were good. But gitlab has an extra link, the Google Account ID (from the ID Token).

So, here is the solution, for posterity. And by posterity I mean you gentle reader.

Go to https://developers.google.com/people/api/rest/v1/people/get.

Enter ‘people/me’ in the resourceName. Enter ‘names’ in personFields. Execute. Now, you will see a dialog asking if you want to grant permission to run this API. After accepting, you will see your ID, as below. This is your Google Account ID.

Now, go to Gitlab. On the user, in the identities, add a google_oauth2 identity, and paste this ID (if you have one, change it). Now your user will be happy.

Share This

Share this post with your friends!