-
Notifications
You must be signed in to change notification settings - Fork 361
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature/configure additional OIDC scopes #4533
Feature/configure additional OIDC scopes #4533
Conversation
Outside of the unit tests I did confirm functionality locally by requesting the
|
Thanks! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Love the tests
Thank you for this contribution!!
@@ -96,10 +96,11 @@ This reference uses `.` to denote the nesting of values. | |||
* `auth.oidc.url` `(string : )` - The base URL of your OIDC compatible identity provider. | |||
* `auth.oidc.callback_base_url` `(string : )` - The scheme, host and port of your lakeFS installation. After authenticating, your identity provider will redirect you to a URL under this base. | |||
* `auth.oidc.default_initial_groups` `(string[] : [])` - By default, OIDC users will be assigned to these groups | |||
* `auth.oidc.initial_groups_claim_name` `(string[] : [])` - Use this claim from the ID token to provide the initial group for new users. | |||
* `auth.oidc.initial_groups_claim_name` `(string[] : [])` - Use this claim from the ID token to provide the initial group for new users. This will take priority if `auth.oidc.default_initial_groups` is also set. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🙏
Implements the ability to request additional scopes from the OIDC provider documented in issue 4349