Simon Li

There's a `scopes` field, see the example on https://zero-to-jupyterhub.readthedocs.io/en/latest/administrator/authentication.html#giving-access-to-organizations-on-github

See the discussion on the original PR https://github.com/jupyterhub/oauthenticator/pull/145 > The idea of having multiple entries in self.idp_whitelist makes me nervous, because of the possibility of username collisions across multiple domains....

It's also worth noting that JupyterHub is moving away from the idea of a single `admin` group, to having multiple groups with fine-grained admin permissions determined by RBAC.

I think the easiest short term solution is for authenticators to provide group memberships, with the mapping of groups to roles handled in the JupyterHub config. This is effectively what...

@codecae I think you've raised some very good points. Would you mind either starting an issue on the [Jupyter community forum](https://discourse.jupyter.org/), _or_ opening an issue on https://github.com/jupyterhub/jupyterhub/issues , with your...

From the [Discourse topic linked above](https://discourse.jupyter.org/t/kubernetes-python-module-not-found-in-custom-jupyterhub-container-for-custom-authentication/6627) it sounds like someone's extended and written their own authenticator. You could try following up there, and if it solves the B2C issue then...

Do you think we could add the entire `token_response` as a field of `auth_state`? https://github.com/jupyterhub/oauthenticator/blob/3bcb7a7293ba99bae16eddb37e3177082a54234c/oauthenticator/generic.py#L138-L151

Does the generic authenticator work? https://github.com/jupyterhub/oauthenticator/blob/master/oauthenticator/generic.py

@yuvipanda do you still plan to do this?

Does `MultiOAuthenticator` only work with `OAuthenticator` derived authenticators, or would it work with others?