Preview apps with Passwords, users from GitLab group

I just want to know what plan is necessary to support the following workflow. Also, which of the password options would be best suited.

Right now I have a website that is on gitlab.com and uses gitlab pages to deploy. The project membership for that gitlab.com project is used to authenticate and authorize users to access the published site. This works great for the main deployment, but review/preview apps from branches in process are not published or protected.

It looks like if I switch my deployment to Netlify using the Pro plan, I will have a single password that all the users will have to be told. If this leaks, then it needs to be rotate for everyone. Seems inefficient and user hostile so not really a good replacement.

Is this right?

The other options of using a JWT and Netlify’s Identity provider and SSO seem like they’re more capable, but can I tie that to the people in a GitLab.com group or will they need to be added to this thing separately?

Do those users need to be Netlify users or can it just use their gitlab.com group access?

hey there, sorry for the slow reply - we are a little short staffed this week. We haven’t forgotten about this question! i have just pinged someone who i think can give you the answers you need. stay tuned.

Hello @mterhar, welcome to the Community!

If you want to gate your content, you can use Role-based redirect rules in conjunction with Netlify Identity. That said, I don’t know that GitLab Groups is an Identity provider. If that feature provides a JWT, then that could with with the Access-Control feature (https://docs.netlify.com/visitor-access/role-based-access-control/#external-providers).

That said, I don’t know of a simple way to accomplish what you described without some creative custom code you’d have to write yourself.