Open mostdcoa opened 5 months ago
This actually looks like I am having an issue with OIDC_IGNORE_ROLES, as reading through some of these issues that's what I want. I want any user to be able to log in with SSO and have the admin ability (add boards).
- OIDC_ISSUER=https://accounts.google.com
- OIDC_CLIENT_ID=redacted
- OIDC_CLIENT_SECRET=redacted
- OIDC_SCOPES=openid email profile
- OIDC_ADMIN_ROLES="Test Developers"
- OIDC_EMAIL_ATTRIBUTE=email
- OIDC_NAME_ATTRIBUTE=name
- OIDC_USERNAME_ATTRIBUTE=preferred_username
- OIDC_ROLES_ATTRIBUTE=groups
- OIDC_IGNORE_USERNAME=true
- OIDC_IGNORE_ROLES=true
- OIDC_ENFORCED=false
Hi! Yep, you can use ignore roles to be able to switch isAdmin
in the users modal. The only problem that a new user won't be an admin by default, so you always need to switch it. Probably we need to add one more env variable to set the default role 🤔
@meltyshev
Ah, this makes much more sense, I had assumed - OIDC_IGNORE_ROLES
had meant that the inherited role of OIDC was ignore and was given Admin. I was also wondering why I could enabled that account as Admin (Ignore Roles was False when I tested this).
I think this would be a useful flag to have - OIDC_DEFAULT_ROLE=admin or user
if the ignore role was true.
I'm having this issue. How do you force the first user you sign in as to be an admin? Right now, I don't even have the ability to set myself as the admin. I can login and then nothing is available to me.
I have both OIDC_IGNORE_ROLES
and OIDC_ENFORCED
set to true
, so I have no local users at all.
I had to go into the postgres database and set the is_admin
column for my user in user_account
to true
I have OIDC working as in I can log in with a user.
However, when a user logs in, they can't do anything. How can I just make all users that log in an admin?
I am using Google Workspace as the OIDC provider. I have tried created planka_admin (as can be seen in the above code) roles etc but can't figure out how to pass that to planka to recognize who is an admin from google workspace?