mirror of
https://github.com/warp-tech/warpgate.git
synced 2024-09-20 06:46:17 +08:00
916d51a4e8
This is done using the `role_mappings` property. Roles to be mapped are gotten from the 'warp_groups` oidc claim: ```sso_providers: - name: custom_sso label: Custom SSO provider: type: custom client_id: <client_id> client_secret: <client_secret> issuer_url: <issuer_url> scopes: ["email", "profile", "openid", "warp_groups"] #warp_groups is scope name to request for my demo case, which adds a "warpgate_groups" claim to the userinfo role_mappings: - ["warpgate:admin", "warpgate:admin"] ``` This maps the `warpgate:admin` group from OIDC to the `warpgate:admin` role. This [video on YouTube](https://youtu.be/XCYSGGCgk9Q) demonstrates the functionality --------- Co-authored-by: Eugene <inbox@null.page>
24 lines
731 B
JSON
24 lines
731 B
JSON
[
|
|
{
|
|
"ClientId": "client-credentials-mock-client",
|
|
"ClientSecrets": ["client-credentials-mock-client-secret"],
|
|
"Description": "Client for client credentials flow",
|
|
"AllowedGrantTypes": ["client_credentials", "authorization_code"],
|
|
"AllowedScopes": ["openid", "profile", "email", "warpgate-scope"],
|
|
"RedirectUris": ["https://127.0.0.1:8888/@warpgate/api/sso/return"],
|
|
"ClientClaimsPrefix": "",
|
|
"Claims": [
|
|
{
|
|
"Type": "string_claim",
|
|
"Value": "string_claim_value",
|
|
"ValueType": "string"
|
|
},
|
|
{
|
|
"Type": "json_claim",
|
|
"Value": "[\"value1\", \"value2\"]",
|
|
"ValueType": "json"
|
|
}
|
|
]
|
|
}
|
|
]
|