Open sw34 opened 3 years ago
Can you please share your group definition? For group e2cb1e4d-c563-46a0-bb87-115ef4034672
?
{
"group": {
"id": "e2cb1e4d-c563-46a0-bb87-115ef4034672",
"insertInstant": 1603984383820,
"lastUpdateInstant": 1620851818789,
"name": "Super User",
"roles": {
"ba9969d4-8480-44f9-8be6-2ff7830074f7": [
{
"id": "4ee2e0f5-7534-46c2-be0b-3372eb35e234",
"isDefault": false,
"isSuperRole": false,
"name": "Admin"
},
{
"id": "468c3b81-98f1-488c-8c53-4634c5f26c0a",
"isDefault": true,
"isSuperRole": false,
"name": "Supervisor"
}
],
"4ecdb067-0fc8-4d15-91b6-c2a4f6b1d070": [
{
"id": "88295c41-2e77-46b0-a10d-def034a79504",
"isDefault": false,
"isSuperRole": false,
"name": "Env-ToolingAdmin"
},
{
"id": "09d851df-cd45-48cd-a385-4369a1b33c2b",
"isDefault": false,
"isSuperRole": false,
"name": "Env-ToolKitUser"
},
{
"id": "888544e9-ee41-4bad-8d19-0ac2b637aeaa",
"isDefault": false,
"isSuperRole": false,
"name": "PrePress-Admin"
},
{
"id": "a26d731d-da75-4b1b-bbfd-6fc8860f04ad",
"isDefault": false,
"isSuperRole": false,
"name": "Sales-Admin"
},
{
"id": "08833128-0a61-45cb-bd47-f145af73b081",
"isDefault": false,
"isSuperRole": false,
"name": "Purchasing-Admin"
},
{
"id": "bda009d7-e6b9-418c-a40f-b48d705db4a5",
"isDefault": false,
"isSuperRole": false,
"name": "Purchasing-User"
}
]
},
"tenantId": "05880359-1caf-0ee6-96a4-e2d033371190"
}
}
@jobannon this looks like it might be a bug. We should try to replicate.
LDAP Connector - roles not sent in JWT if assigned by group using api/login
Description
I am testing the LDAP connector, the lambda is adding the registrations and group assignments as I would expect, however when a user logs in using the POST api/login the roles for that group are not added to the JWT
Affects versions
1.27.2
Steps to reproduce
Steps to reproduce the behavior: Step 1: use lambda to add group memberships and registrations:
Step 2: Verify user
Step 3: User logs in via POST api/login
Results: User Logon JWT does NOT contain the roles:
Step 4: Change Lambda to use roles instead of groups
Step 5: Verify User
Step 6: User logs in via POST api/login
Results: User Logon JWT does contain the roles:
Expected behavior
I would expect the group assigned roles would be transferred to the JWT
Platform
(Please complete the following information)
Related