OpenUnison / openunison-k8s

Access portal for Kubernetes
Apache License 2.0

When Login using Okta, does not receive the correct username and roles #88

Closed (St4n closed this issue 8 months ago)

St4n commented 8 months ago

[screenshot attached]

Hello,

After logging in to Okta correctly, OpenUnison opens with a cryptic username and no roles (please see the screen capture).

Can you tell me where I missed something?

Thanks, Regards, Stéphane.

mlbiam commented 8 months ago

openunison opens with a cryptic username

This is the sub attribute that we receive from Okta. It is both immutable and not based on the user's name the way an email may be. In your values.yaml, you can change oidc.claims.sub from sub to email or name to change this, then run helm upgrade orchestra-login-portal tremolo/orchestra-login-portal -n openunison -f /path/to/values.yaml to update.

and no roles (please see screen capture)

This usually happens because the Okta groups attribute isn't configured. Did you follow the steps from https://openunison.github.io/identity%20providers/okta/ for groups? See the image below from the post. You need to tell Okta which claim to store groups in (groups) and which groups will be allowed.

[image from the post]
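An added diagnostic, not part of this thread or of OpenUnison, for checking which claims Okta actually puts in the ID token against the oidc.claims mapping in values.yaml. The token payloads are constructed, the Okta sub value is a made-up placeholder, and the "groups" key name in the mapping is an assumption for illustration:

```python
import base64
import json

# Claim mapping as set under oidc.claims in values.yaml. The thread changes "sub"
# from the opaque Okta sub to the email claim; the "groups" key name is assumed
# for illustration (use the key names from your own chart values).
DEFAULT_CLAIMS = {"sub": "sub", "groups": "groups"}


def _b64url_decode(segment: str) -> bytes:
    # JWT segments drop base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def id_token_claims(id_token: str) -> dict:
    """Return the payload of an ID token WITHOUT verifying its signature.
    Only for inspecting what the IdP sends; OpenUnison verifies signatures itself."""
    parts = id_token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS (expected 3 segments)")
    return json.loads(_b64url_decode(parts[1]))


def resolve_identity(id_token: str, claims: dict = DEFAULT_CLAIMS) -> dict:
    """Map the token's claims to the username and groups OpenUnison would see,
    reporting every configured claim that is missing from the token."""
    payload = id_token_claims(id_token)
    missing = [name for name in claims.values() if name not in payload]
    groups = payload.get(claims["groups"], [])
    if isinstance(groups, str):  # a single group may arrive as a bare string
        groups = [groups]
    return {"username": payload.get(claims["sub"]),
            "groups": list(groups),
            "missing_claims": missing}


def make_unsigned_token(payload: dict) -> str:
    """Build a constructed, unsigned token so the example runs offline."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(payload)}."


# Constructed samples: an Okta-style token before and after the groups claim is configured.
TOKEN_NO_GROUPS = make_unsigned_token(
    {"sub": "00u1abcd2EFGHijkL3x4", "email": "stephane@example.com"})
TOKEN_WITH_GROUPS = make_unsigned_token(
    {"sub": "00u1abcd2EFGHijkL3x4", "email": "stephane@example.com",
     "groups": ["k8s-admins", "developers"]})

if __name__ == "__main__":
    print(resolve_identity(TOKEN_NO_GROUPS))  # cryptic username, groups reported missing
    print(resolve_identity(TOKEN_WITH_GROUPS, {"sub": "email", "groups": "groups"}))
```

Run it against a real ID token captured from your own login flow to confirm whether the groups claim is present before changing the chart values.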

St4n commented 8 months ago

Following your advice, I managed to make Okta work with OpenUnison. Thanks for your support!