Closed td00 closed 3 weeks ago
You may need to set OIDC_NAME_CLAIM_PATH
to tell the the app where to find the name
attribute in your token. By default it looks for name
at the top level.
AFAIK the name claim is also at top level
This is an example of the profile scope:
{
"id": 10000,
"name": "Test User",
"nickname": "testuser"
"email": "testuser@example.com",
"groups": [
"test_group",
"users"
],
}
I also used OIDC_NAME_CLAIM_PATH
to test nickname
& preferred_username
but always get the same result as posted initially.
What are you using as your identity provider?
We’re using „uffd“ ( https://git.cccv.de/uffd/uffd )
as far as I understand the rallly code everything that is needed is supported by uffd
Yes, it should be compatible. That said, it doesn't seem like there is an issue with Rallly here. It's failing to create a user because it didn't get a name which is required. From the looks of it, it's not getting any information from your identity provider. Could be some misconfiguration or an issue with the identity provider itself.
Since it doesn't seem like there's anything we can do I'll close this but feel free to reopen if you can point to an issue within this repo.
Describe the bug When trying to authenticate via OIDC users get successfully redirected to the auth portal. The auth is successful but there seems to be a problem with the processing of the reply. The objects all have the required claims (except for image, but I doubt that this is a required field).
To Reproduce Steps to reproduce the behavior:
Expected behavior A successful login.
Screenshots