I just want to know what plan is necessary to support the following workflow. Also, which of the password options would be best suited.
Right now I have a website that is on gitlab.com and uses gitlab pages to deploy. The project membership for that gitlab.com project is used to authenticate and authorize users to access the published site. This works great for the main deployment, but review/preview apps from branches in process are not published or protected.
It looks like if I switch my deployment to Netlify using the Pro plan, I will have a single password that all the users will have to be told. If this leaks, then it needs to be rotate for everyone. Seems inefficient and user hostile so not really a good replacement.
Is this right?
The other options of using a JWT and Netlify’s Identity provider and SSO seem like they’re more capable, but can I tie that to the people in a GitLab.com group or will they need to be added to this thing separately?
Do those users need to be Netlify users or can it just use their gitlab.com group access?