OIDC Azure not reading group claims #5306

Open
jnantg opened this issue Nov 4, 2024 · 1 comment
jnantg commented Nov 4, 2024

Describe the Bug

User not being assigned to group when logging in with OIDC

Steps to Reproduce

Configure OIDC and set the variables:

OIDC_GROUPS_CLAIM=groups
OIDC_USER_TO_GROUP=true

Verify the group claim is showing when

OIDC_DUMP_USER_DETAILS=true

Add the group ID to a role

Log in as the user

Expected Behaviour

The user should be assigned the group, for example "Editor", when the object ID of the group has been added to external authentication ID. However, this is not the case. The user logs in, but is not granted the role specified, even though the claim is configured and shows when user detail dump is enabled.

Screenshots or Additional Context

No response

Browser Details

Microsoft Edge

Exact BookStack Version

24.10

@jnantg jnantg added the 🐛 Bug label Nov 4, 2024
@ssddanbrown
Member

Hi @jnantg,

> when the object ID of the group has been added to external authentication ID.

  • Does the ID added exactly match a value you see when you have OIDC_DUMP_USER_DETAILS enabled?
  • Can you share (where possible) the output of having OIDC_DUMP_USER_DETAILS enabled?
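
The exact-match check asked about above can be scripted. This is an added example, not part of the issue thread and not BookStack's own matching code. It assumes the dumped user details have been saved as JSON; the function names and sample GUIDs are constructed for illustration.

```python
import json

# Constructed sample in the shape of a claims dump with a "groups" claim.
# The GUIDs are made-up placeholders, not values from the issue.
SAMPLE_DUMP = json.dumps({
    "sub": "constructed-subject",
    "name": "Example User",
    "groups": [
        "11111111-aaaa-4bbb-8ccc-000000000001",
        "11111111-aaaa-4bbb-8ccc-000000000002",
    ],
})


def _normalise(value):
    """Loosened form used only to detect near-misses, never to declare a match."""
    return value.strip().strip("{}\"'").lower()


def check_group_id(dump_json, claim_name, configured_id):
    """Compare one configured ID against the values of the groups claim.

    Returns (status, detail). Status is 'exact' (byte-for-byte match),
    'near-miss' (differs only by case, whitespace, braces or quotes),
    'no-match', 'claim-missing' or 'claim-not-list'.
    """
    claims = json.loads(dump_json)
    if claim_name not in claims:
        return ("claim-missing", sorted(claims))  # list the claims that do exist
    values = claims[claim_name]
    if not isinstance(values, list) or not all(isinstance(v, str) for v in values):
        return ("claim-not-list", type(values).__name__)
    if configured_id in values:
        return ("exact", configured_id)
    near = [v for v in values if _normalise(v) == _normalise(configured_id)]
    if near:
        return ("near-miss", near)  # copy one of these values verbatim instead
    return ("no-match", values)


if __name__ == "__main__":
    for candidate in ("11111111-aaaa-4bbb-8ccc-000000000001",
                      " 11111111-AAAA-4BBB-8CCC-000000000002",
                      "Editors"):
        print(repr(candidate), check_group_id(SAMPLE_DUMP, "groups", candidate))
```

Pass the value of OIDC_GROUPS_CLAIM as `claim_name` and the ID entered on the role as `configured_id`; anything other than `exact` means the configured value is not one of the strings the identity provider sent.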
