Issue Summary
When requesting, scope "groups" is not passed to OIDC_AUTH_URL. As a result, there is no information about groups in the jwt token. Judging by the source code, the list of scopes is hardcoded in src/services/auth.ts:
For this reason, after authentication, there is no role mapping.
It would be nice to be able to parameterize this value via configuration, as is done, for example for OIDC_AUTH_URL
Issue Summary When requesting, scope "groups" is not passed to OIDC_AUTH_URL. As a result, there is no information about groups in the jwt token. Judging by the source code, the list of scopes is hardcoded in src/services/auth.ts:
Request URL look lile:
For this reason, after authentication, there is no role mapping. It would be nice to be able to parameterize this value via configuration, as is done, for example for OIDC_AUTH_URL
Definitely, an implementation of this on the API side will also be required.
alertad.conf
Environment
OS: Linux
API version: 8.7.0
Deployment: Docker
Database: Postgres
Server config: Auth enabled? Yes Auth provider? OpenID (Dex) Customer views? No
web UI version: 8.7.0
CLI version: 8.5.1