You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently all users of a configured OIDC provider can login and users are created automatically. It should be possible to only let OIDC users through when they have a specific claim, e.g. a role or group.
Then I'd like to check if the "groups" claim contains "semaphore"
Design
Thinking about a config option with a Go Template which does the evaluation. This would be a flexible way of checking for specific strings, a string in a lists etc.
The text was updated successfully, but these errors were encountered:
Related to
Web-Backend (APIs), Configuration
Impact
nice to have
Missing Feature
Currently all users of a configured OIDC provider can login and users are created automatically. It should be possible to only let OIDC users through when they have a specific claim, e.g. a role or group.
Implementation
If the claims look this
Then I'd like to check if the "groups" claim contains "semaphore"
Design
Thinking about a config option with a Go Template which does the evaluation. This would be a flexible way of checking for specific strings, a string in a lists etc.
The text was updated successfully, but these errors were encountered: