nextcloud-oidc-login

Improved docs for mappings.

Open hschletz opened this issue 3 years ago • 1 comments

  • The instructions for quota and groups were mixed up. They are now separated into distinct paragraphs.
  • Added instructions for role creation/assignment and added a note about the relationship between roles and groups.

hschletz Aug 02 '21 10:08

Thanks. If it can help, I've successfully synced Keycloak groups this way (I didn't create the custom ownCloudGroups mapper, I created the built-in groups mapper instead):

On Keycloak, in the client mappers, add the built-in "groups" attribute. This "groups" attribute must be in the config file, in oidc_login_attributes. Also set 'oidc_create_groups' => true.

On Keycloak, for each group:

  • Create a role with the same name (Configure -> Roles)
  • Edit the group (Manage -> Groups) -> Roles Mapping: add the role

On Nextcloud, the admin group cannot be renamed. So if you have an admin group called, e.g., Administrators, create the role admin and map it to the Administrators group.

marc-farre Mar 20 '22 08:03