goauthentik / authentik

The authentication glue you need.
https://goauthentik.io

Allow both addition and removal of groups from expression policies #5711

Open Keyinator opened 1 year ago

Keyinator commented 1 year ago

Describe the solution you'd like
Allow expression policies to add and remove the current user from groups.

Describe alternatives you've considered
None available to my knowledge.

Additional context
Currently you can add new users to groups using dynamic groups (https://goauthentik.io/docs/flow/stages/user_write#dynamic-groups). Sadly there are two missing features:

iexos commented 1 year ago

This would allow creating flows which would allow users to manage their own groups. That would be very useful!

geudrik commented 10 months ago

👍 for this issue. The use case we have is using an external IDP (Okta in our case) which returns a list of groups on login. We need to ensure that groups in Authentik match what's returned from the IDP. We have this configured for first-login (enrollment), but we need to update user info every login.

Wouter0100 commented 2 months ago

AFAIK this is possible with the User model. In an expression policy you should be able to get it and update the user accordingly.
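
For the login-time sync use case raised in this thread, the following added example (not authentik's code and not written by any commenter) computes which groups to add and remove so that membership matches the list the IdP returned. The `idp-` prefix, the function and class names, and the sample group names are assumptions; applying the resulting plan to a user inside an expression policy is left to the deployment.

```python
from dataclasses import dataclass

MANAGED_PREFIX = "idp-"  # assumption: only groups with this prefix are synced


@dataclass(frozen=True)
class GroupPlan:
    add: frozenset
    remove: frozenset
    ignored: frozenset  # claimed names outside the managed namespace


def plan_group_sync(idp_groups, current_groups, prefix=MANAGED_PREFIX):
    """Plan the adds/removes that make managed groups match the IdP list.

    Groups without the prefix are never touched: an IdP claim cannot grant a
    locally administered group, and a login cannot strip one.
    """
    if idp_groups is None:
        # A missing claim is not an empty list; do not remove access on a guess.
        raise ValueError("groups claim missing from IdP response")
    claimed = {g.strip() for g in idp_groups if isinstance(g, str) and g.strip()}
    current = set(current_groups)
    wanted = {g for g in claimed if g.startswith(prefix)}
    managed_now = {g for g in current if g.startswith(prefix)}
    return GroupPlan(
        add=frozenset(wanted - managed_now),
        remove=frozenset(managed_now - wanted),
        ignored=frozenset(claimed - wanted),
    )


if __name__ == "__main__":
    # Constructed sample data, not taken from a real deployment.
    plan = plan_group_sync(
        idp_groups=["idp-engineering", " idp-vpn ", "authentik Admins"],
        current_groups=["idp-engineering", "idp-contractors", "local-break-glass"],
    )
    print("add:", sorted(plan.add))
    print("remove:", sorted(plan.remove))
    print("ignored claims:", sorted(plan.ignored))
```

Logging the `ignored` set on each login gives a cheap signal when an upstream IdP starts asserting group names it is not supposed to manage.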