Merge branch 'bm/allowlist-oidc-auth' into 'master'

docs: add information on using OIDC with GitLab Dedicated See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/164211 Merged-by: Lysanne Pinto <lpinto@gitlab.com> Approved-by: Oriol Lluch <olluch@gitlab.com> Approved-by: Lysanne Pinto <lpinto@gitlab.com> Reviewed-by: Lysanne Pinto <lpinto@gitlab.com> Co-authored-by: bmckitrick <bmckitrick@gitlab.com> Co-authored-by: Chris Balane <cbalane@gitlab.com>

Merge branch 'bm/allowlist-oidc-auth' into 'master'
docs: add information on using OIDC with GitLab Dedicated See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/164211 Merged-by: Lysanne Pinto <lpinto@gitlab.com> Approved-by: Oriol Lluch <olluch@gitlab.com> Approved-by: Lysanne Pinto <lpinto@gitlab.com> Reviewed-by: Lysanne Pinto <lpinto@gitlab.com> Co-authored-by: bmckitrick <bmckitrick@gitlab.com> Co-authored-by: Chris Balane <cbalane@gitlab.com>
bd9b82a3 · Lysanne Pinto · GitLab · 8075fe09 · 3e058dd8 · bd9b82a3
--- a/doc/administration/dedicated/configure_instance.md
+++ b/doc/administration/dedicated/configure_instance.md
@@ -249,6 +249,16 @@ IP addresses that have been added to your IP allowlist can be viewed on the Conf
 Specify a comma separated list of IP addresses that can access your GitLab Dedicated instance in your [support ticket](https://support.gitlab.com/hc/en-us/requests/new?ticket_form_id=4414917877650). The IP addresses are then added to the IP allowlist for your instance.
+#### Enable OpenID Connect for your IP allowlist
+Using [GitLab as an OpenID Connect identity provider](../../integration/openid_connect_provider.md) requires internet access to the OpenID Connect verification endpoint.
+To enable access to the OpenID Connect endpoint while maintaining your IP allowlist:
+- In a [support ticket](https://support.gitlab.com/hc/en-us/requests/new?ticket_form_id=4414917877650), request to allow access to the OpenID Connect endpoint.
+The configuration is applied during the next maintenance window.
 ### SAML
 You can [configure SAML single sign-on (SSO)](../../integration/saml.md#configure-saml-support-in-gitlab) for your GitLab Dedicated instance.

--- a/doc/subscriptions/gitlab_dedicated/index.md
+++ b/doc/subscriptions/gitlab_dedicated/index.md
@@ -198,6 +198,10 @@ As an alternative to using hosted runners, you can use your own runners for your
 To use self-managed runners, install [GitLab Runner](https://docs.gitlab.com/runner/install/) on infrastructure that you own or manage.
+#### OpenID Connect
+You can use [GitLab as an OpenID Connect identity provider](../../integration/openid_connect_provider.md). If you use an IP allowlist to restrict access to your instance, you can [enable OpenID Connect requests](../../administration/dedicated/configure_instance.md#enable-openid-connect-for-your-ip-allowlist) while maintaining your IP restrictions.
 #### Migration
 To help you migrate your data to GitLab Dedicated, choose from the following options: