BookStackApp / BookStack

A platform to create documentation/wiki content built with PHP & Laravel
https://www.bookstackapp.com/
MIT License

OIDC Azure not reading group claims #5306

Open jnantg opened 2 weeks ago

jnantg commented 2 weeks ago

Describe the Bug

User not being assigned to group when logging in with OIDC

Steps to Reproduce

Configure OIDC and set the variables:

OIDC_GROUPS_CLAIM=groups
OIDC_USER_TO_GROUP=true

Verify the group claim is showing when OIDC_DUMP_USER_DETAILS=true

Add the group ID to a role

Log in as the user

Expected Behaviour

The user should be assigned the group, for example "Editor", when the object ID of the group has been added to external authentication ID. However, this is not the case. The user logs in, but is not granted the role specified, even though the claim is configured and shows when user detail dump is enabled.

Screenshots or Additional Context

No response

Browser Details

Microsoft Edge

Exact BookStack Version

24.10

ssddanbrown commented 2 weeks ago

Hi @jnantg,

when the object ID of the group has been added to external authentication ID.