BookStack icon indicating copy to clipboard operation
BookStack copied to clipboard
verified publisher icon BookStackApp

Added OIDC group sync functionality

Open ssddanbrown opened this issue 3 years ago • 0 comments

Is generally aligned with out SAML2 group sync functionality, but for OIDC based upon feedback in #3004. Needed the tangential addition of being able to define custom scopes on the initial auth request as some systems use this to provide additional id token claims such as groups.

Includes tests to cover. Tested live using Okta.

Docs Updates

  • Need to document group syncing completely.
  • Need to document the use of OIDC_ADDITIONAL_SCOPES, and it's format (comma separated string).
  • Need to document behaviour of default registration role (Used when remove_from_groups option is active). Same as OIDC/LDAP behaviour.

ssddanbrown avatar Aug 02 '22 16:08 ssddanbrown