warpgate icon indicating copy to clipboard operation
warpgate copied to clipboard

Published 20 hours ago verified publisher icon warp-tech

Add support for role mappings on custom SSO providers.

Open Skyler84 opened this issue 1 year ago • 3 comments

This is done using the role_mappings property. Roles to be mapped are gotten from the 'warp_groups` oidc claim:

  - name: custom_sso
    label: Custom SSO
    provider:
      type: custom
      client_id: <client_id>
      client_secret: <client_secret>
      issuer_url: <issuer_url>
      scopes: ["email", "profile", "openid", "warp_groups"] #warp_groups is scope name to request for my demo case, which adds a "warpgate_groups" claim to the userinfo
      role_mappings: 
        - ["warpgate:admin", "warpgate:admin"]

This maps the warpgate:admin group from OIDC to the warpgate:admin role.

This video on YouTube demonstrates the functionality

Skyler84 avatar Nov 10 '23 12:11 Skyler84

I'm looking forward to seeing this PR has been merged.

linhxhust avatar Jan 22 '24 07:01 linhxhust

@Skyler84 I have no idea how I've missed this PR, sorry! Refactored the login out into warpgate-core, will test and merge soon

Eugeny avatar Jan 23 '24 10:01 Eugeny

thanks! sorry my rust isn't too great yet.

Skyler84 avatar Jan 23 '24 13:01 Skyler84