greenpau / caddy-security

🔐 Authentication, Authorization, and Accounting (AAA) App and Plugin for Caddy v2. 💎 Implements Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0 (Github, Google, Facebook, Okta, etc.), SAML Authentication. MFA/2FA with App Authenticators and Yubico. 💎 Authorization with JWT/PASETO tokens. 🔐
https://authcrunch.com/
Apache License 2.0

question: assigning roles based on Discord roles or user IDs #241

Open CrazyPython opened 1 year ago

CrazyPython commented 1 year ago

I have a service using Discord and SMS auth. I also have an Airtable that has an allowlist of users permitted to access the application. Is it possible to use an external data source other than guild membership to determine caddy security roles? I want to be able to permit only allowlisted users to log in.

For example, Discord roles or a JSON file with a list of allowed Discord user IDs.

CrazyPython commented 1 year ago

maybe more of a feature request than a question

CrazyPython commented 1 year ago

Actually, I think I'll use Auth0 instead, and use its roles system. Is it possible to assign caddy-security roles from Auth0 roles?

qrkourier commented 1 month ago

I am trying to do this too in https://community.auth0.com/t/roles-not-added-to-token/139895/6?u=qrkourier

https://docs.authcrunch.com/docs/authorize/acl-rbac#sources-of-role-information says Caddy Security AuthZ looks in the `app_metadata.authorization.roles` list for strings that represent roles, but they're not being added/noticed by Caddy Security, and I'm unsure how to inspect the token's claims to verify they are present.
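
One way to check whether the roles claim is present in a token, as an added example that is not part of the thread or of the caddy-security project: it decodes the payload of a compact JWT without verifying the signature and looks up the `app_metadata.authorization.roles` path quoted above. The sample tokens, the role name and the helper names are constructed for illustration.

```python
import base64
import json

ROLES_PATH = "app_metadata.authorization.roles"  # path quoted in the comment above


def b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def decode_claims(token: str) -> dict:
    """Return the payload claims of a compact JWT. Inspection only: no signature check."""
    parts = token.strip().split(".")
    if len(parts) != 3:  # an opaque (non-JWT) token ends up here
        raise ValueError("expected header.payload.signature, got %d segment(s)" % len(parts))
    claims = json.loads(b64url_decode(parts[1]))
    if not isinstance(claims, dict):
        raise ValueError("payload is not a JSON object")
    return claims


def roles_at(claims: dict, path: str = ROLES_PATH):
    """Walk a dotted path; return the list of role strings, or None if absent or malformed."""
    node = claims
    for key in path.split("."):
        if not isinstance(node, dict) or key not in node:
            return None
        node = node[key]
    if isinstance(node, list) and all(isinstance(r, str) for r in node):
        return node
    return None


def _make_token(payload: dict) -> str:
    # Constructed sample token with a fake signature, so the example runs offline.
    enc = lambda obj: base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256", "typ": "JWT"}), enc(payload), "c2ln"])


WITH_ROLES = _make_token({"sub": "constructed-user",
                          "app_metadata": {"authorization": {"roles": ["example-admin"]}}})
WITHOUT_ROLES = _make_token({"sub": "constructed-user", "app_metadata": {}})

if __name__ == "__main__":
    for name, tok in (("with roles", WITH_ROLES), ("without roles", WITHOUT_ROLES)):
        print(name, "->", roles_at(decode_claims(tok)))
```

A `None` result means the claim never reached the token, which points at the identity provider's configuration rather than at the authorization policy.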