Tuleap OAuth2 & OpenID Connect server (Tuleap Enterprise Edition only)

It’s a lot of work under-the-hood, with tens of RFCs and difficult specifications to implement, but it’s a major leap forward for integrations of any kind with Tuleap.

OAuth2 administration in a project

In very short, OAuth2 allows to delegate authorizations between apps in a standard way. In other terms, you can now build applications that rely on Tuleap REST APIs without worrying about managing the way your application will handle the users and their permissions on the target Tuleap server. OpenID Connect, on top of OAuth2 will deal with user authentication and basic account details (email, name, …).

Checkout Tuleap Documentation on OAuth2 to learn how to setup an app.

To better understand what does OAuth2 and OpenID Connect, you can have a look at the very visual guide to OAuth2 published by okta.

OpenID Connect Client

Tuleap is able to delegate authentication to an OpenID Connect server since a while (and yes, it works with Tuleap as a server too 😉). Before 11.14, even when using delegated authentication, Tuleap would ask you to create a local password at account creation but this is no longer needed. Now, you can have a completely passwordless account:

  • You can generate Access Keys or Token for REST, Git (over https) and Subversion access
  • You can associate several OpenID Connect providers to one user account

All those features are also available when Tuleap is configured in Single Sign On mode with only one provider.

Images in Test Management (Tuleap Enterprise Edition only)

You can either drag’n drop or copy & paste images everywhere in Tuleap Test Management module:

  • Steps, for both actions & expected results
  • Execution results
Images in steps and in test results
Add images in steps and in test results

As test results can embed images or be quite long (like a stacktrace or an error log), we took the opportunity to have a full size display of the test result in a modal window.
The images are also embedded in the bugs created from a failing test case.

Test result with an image
Test result with an image

Markdown documents in Git

Tuleap now renders markdown text using the CommonMark flavor of markdown (in short the one used by Github, Gitlab, Discourse, etc).

Markdown based documentation in Git repository
Markdown based documentation in Git repository

In addition, to be more in line with the markdown syntax people already know, we activated extensions that allow to write simple documents to be rendered directly in the git interface. You can include images that are stored in your repo and you can also reference other markdown documents that are in you repository.

Docker Image for Tuleap Enterprise Edition (Tuleap Enterprise Edition only)

Driven by the work needed for the Docker image, Tuleap can now use encrypted connection to a database as well as redis. A specific work was done on the support of Microsoft Azure as a MySQL provider.

The Docker image also comes with auto configured tuleap-realtime server.

All those configuration bits are accessible with environment variables described in the Installation Guide.

Bugs and requests


Agile dashboard


  • request #14765 READMEs in Git repository should be able to link to files in the repository
  • request #14476 Syntax highlighting in git can crash the page
  • request #14835 Line number does not line up with the line itself

OpenID Connect client

  • request #14839 Display the OIDC providers in one column on the homepage
  • request #14812 Users signing in via an OIDC provider should be able to create an account without setting a password
  • request #14807 Verify signature of ID tokens
  • request #14804 Add Tuleap Icon in the list of OIDC providers
  • request #14800 Opportunistic PKCE support of OIDC provider
  • request #14798 The OIDC client plugin should authenticate with BasicAuth when accessing the token endpoint



  • request #14792 Cannot create a new version of a file with approval table
  • request #14625 Fatal error while uploading a new version for a docman item



This release closes two long running clean-up activities:

The first one started more than 2 years ago and needed more than 230 commits to replace our unit test framework. That’s more than 15’000 unit tests that we had to rewrite. This was required because SimpleTest is no longer maintained and was slowing us down for support of new PHP versions. Moreover PHPUnit is way more strict in the execution of the tests so we can catch bugs earlier.

The second one is the end of an activity that started one year ago and needed 90 commits to have an unified build system around webpack (mainly). The Javascript ecosystem evolves very quickly and the dust takes time to settle. It means that, as developers we often have to choose technologies that don’t last or are replaced by better solution (very) quickly. In our case we cleaned-up a stack based on grunt/gulp & all for the now standard webpack. In addition of a more homogeneous way of building assets for developers, the build time was divided by 2.

Other relevant development activities

Release details

See it in action!