Copolycube

Thanks for your suggestions. I'm fine with 1 portal for all applications, so I went with the first option : * set the url for authentication `authorization policy mypolicy {...

Thanks a lot @fdarveau, I indeed missed the line of logs `reason: user role is valid, but not allowed by access list`. * The field `user_group_filters` was already present in...

Ok, I think that found the solution I was looking for: ``` transform user { match realm gitlab match roles gitlab.com/group/subgroup action add role authp/admin } ```

/label help wanted /label question

the logs I got from oauth2-proxy is the following, if it may help : ``` oauth | [2022/05/11 17:51:31] [oauthproxy.go:148] OAuthProxy configured for GitLab Client ID: oauth | [2022/05/11 17:51:31]...

From what I understood it's redirecting to the content of this variable at OAuth2 level, or am I wrong ? ``` OAUTH2_PROXY_REDIRECT_URL: "https://oauth.${DOMAIN}/oauth2/callback" ```

This seems related to (if not a duplicate of) : #1297 (with the start of a workaround : https://github.com/oauth2-proxy/oauth2-proxy/issues/1297#issuecomment-1143233276 )

Great news, thanks a lot @mariaWitch . Let me know which issue you create to follow-up with those changes :-)

@bluzi could you please have a look at this and validate if you agree with the fix ? Thanks in advance :-) (more or less fixing #191 )

Hello @bluzi are you still maintaining this project ?