Restrict access based on OAuth/OpenID Group membership #46
Labels
enhancement
New feature or request
Comments
|
For LDAP you have this possibility:
|
|
🤦 I missed that this was possible. I am using it with Oauth, where it's not possible, and I totally missed that this is already supported with LDAP, apologies. |
xathon
changed the title
|
no problem :) - if you have time to implement this for OAUTH you could create a pull request ;) |
|
Based on my understanding, the ID Token in the OAuth2/OIDC protocol does not inherently include group or role claims. As a workaround, I suggest implementing group filtering directly within the OAuth2/OIDC provider, such as through client roles in KeyCloak. This approach allows for more streamlined and effective role management within the authentication process. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
It would be great to have the possibility to restrict logins to a specific group listed in the /userinfo endpoint on OpenID/Oauth.
The text was updated successfully, but these errors were encountered: