Open xmlking opened 2 months ago
Just a note, apparently Microsoft have different AD subscriptions, based on plan, expensive corporate plan adds email claim correctly but for low cost plan, email claim is added at upn
and unique_name
fields. (we have to upgrade to expensive plan to customize claims)
Since getting email claim consistently is crucial for hasura-auth/hasura-auth-js
to work, we need custom configuration option for AzureAD provider to map email field OR automatically fallback to upn
or unique_name
if email
field is null
or undefined
.
Please let me know if I can contribute backward compatible fix via PR
Please let me know if I can contribute backward compatible fix via PR
Of course, it will be more than appreciated/welcomed :)
@xmlking would you mind checking if the issue still persists in 0.32.0? While AzuredAD's email is probably not being populated yet we remove the requirement of having an email so the crash should be gone.
@xmlking would you mind checking if the issue still persists in 0.32.0? While AzuredAD's email is probably not being populated yet we remove the requirement of having an email so the crash should be gone.
Yes crash issue is fixed with recent changes But I will be contributing fallback email mapping for azure AD when I find little time Thanks
I am trying hasura-auth with AzureAD, building webapp with
hasura-auth-js
SDK. my app crashing after trying to login with AzureAD SSO. here is the logserror in hasura-auth logs
webapp crash logs
accesstoken return for AzureAD don't have email at right place![image](https://github.com/nhost/hasura-auth/assets/627951/38edbff4-9d8f-4967-9a4b-b1b3470efa25)
BUT this should not cause server crash...