Auto add user to correct organization based on JWT token

AzBuilder / terrakube

Open source IaC Automation and Collaboration Software.

Apache License 2.0

496 stars 38 forks source link

Feature description 💡

Hi, we would like to have an option available to automatically add users to the correct Organization based on the ID/JWT token that the user is authenticated with.

This feature can have different use-cases:

In an organization where each 'team' has it's own 'Terrakube organization', and teams are managed by the Identity Provider
Allowing access to Terrakube in a B2B scenario.

The general flow would be:

User logs in The IDP adds a specific claim to the JWT token, for example organization
Terrakube checks JWT token ({..., "organization": "org-a", ...})
Terrakube checks if org-a exists
Terrakube adds user to org-a

We could possible also create the organization if it does not exists yet.

This behaviour should be configurable in the settings.

# Settings example:
createOrganizationOnLogin: true/false
addUserToOrganizationOnLogin: true/false
organizationNameClaim: "organization"

I am able to help with creating a PR if you see value in this feature.

Anything else?

No response

AzBuilder / terrakube

Auto add user to correct organization based on JWT token #1286

Feature description 💡

Anything else?