"401 Unauthorized" on GitLab Login with Jekyll

I set up netlify-cms for a Jekyll page and a self hosted GitLab server.

When I click on the “Login with GitLab” button, the page seems to be reloaded and I get a yellow box on top of the page with the message “401 Unauthorized” appearing for a few seconds. I assume there is a problem with the GitLab access rights but I’m not sure. How can I get more insights to troubleshoot this issue?

Hey, welcome to the forum and sorry to hear you’re running into this. Could you share a bit more about your setup?

  • Were you following a setup/configuration guide for Netlify CMS with GitLab? If so, could you link it here?
  • Is the netlify-identity-widget enabled?
  • Do you see any errors in your browser’s Developer Tools?

In the meantime, I also wanted to share a few links to possibly similar issues in case they’re helpful:


and

Let me know how it goes and definitely come back if you’re still running into problems with login so we can revisit.

@jen Thanks a lot for your replay and the provided information.

I was following this guide and my netlify-cms files looks like the following:

config.yml:

backend:
  name: gitlab
  repo: xyz/jekyll-web
  branch: dev-netlify-cms
  auth_type: implicit # Required for implicit grant
  app_id:  xyz
  base_url: xyz
  auth_endpoint: oauth/authorize

index.html:

<!doctype html>
<html>
<head>
  <meta charset="utf-8" />
  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
  <title>Content Manager</title>
</head>
<body>
  <!-- Include the script that builds the page and powers Netlify CMS -->
  <script src="https://unpkg.com/netlify-cms@^2.0.0/dist/netlify-cms.js"></script>
</body>
</html>

I was not aware of the netlify-identity-widget. As I looked it up, it seems to me a javascript file needs to be included to activate it. I do not have any javascript files included and therefore this shouldn’t be enabled.

This is what the browser’s developer tools report:

could you tell us which site this is on, so we can examine your config?

It is the following site https://dev.xrebellion.ch/admin/. I have the same problem when I run it locally.

Thanks for sending your site over! It’s not hosted on our CDN so we actually have limited visibility into the auth issues you’re running into. As Shawn, the Netlify CMS lead, says below, hosting the CMS not on Netlify is an advanced use case (still, there may be some useful info in the thread):

That said, what you’re trying to do should be possible! Have you checked out the CMS Slack?
https://www.netlifycms.org/community/

And I’m guessing you’ll stick with your current hosting for your use case, but just in case a smoother CMS setup is the priority, you could use our CDN, so sharing a bit about how it works here:

Sorry to jump in late here, just to clarify - the implicit auth issue is fixed in the latests versions of the CMS and the Identity widget per https://github.com/netlify/netlify-cms/pull/2920.

As for gaining more insights to this issue, @AndreasZiegler sharing the entire network flow (requests and responses) during the login process might help. Specifically the failing API request and response you see in the logs.

To gain even more insights, you can clone the CMS project locally and use your config.yml.
The implicit auth code it here https://github.com/netlify/netlify-cms/blob/783440e370f6f49716e976626986c835f1bac54b/packages/netlify-cms-lib-auth/src/implicit-oauth.js and the method that verifies access permissions is here https://github.com/netlify/netlify-cms/blob/783440e370f6f49716e976626986c835f1bac54b/packages/netlify-cms-backend-gitlab/src/API.ts#L201

Also you probably want to set api_root: <address to self hosted api> under your backend config (default is https://gitlab.com/api/v4)

1 Like

Thanks for the hint @erez regarding api_root:. During copying the content of the config file, this line got lost. With it it works. Sorry for bothering you and thanks a lot for the support.

2 Likes