New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[management-api] Using oauth scopes to assign roles in gravitee #1058

Closed
chicco785 opened this Issue Feb 2, 2018 · 3 comments

Comments

Projects
None yet
4 participants
@chicco785

chicco785 commented Feb 2, 2018

Expected Behavior

I suspect this is not implemented, but what i would expect is the following:

  1. Using OAuth2/OIDC I log in in Gravitee.
  2. Some specific roles are assigned to me in the client registered in OAuth2/OIDC provider (that maps to roles in Gravitee)
  3. When logging in roles are assigned to me accordingly. (if roles in the provider are changed, it should be updated at the next login).

Current Behavior

  1. Default roles are assigned to new users connected via OAuth2.
  2. An admin can manually change in Gravitee the roles.

Possible Solution

Something similar to the way Group mapping works.

@brasseld

This comment has been minimized.

Member

brasseld commented Feb 2, 2018

You're absolutely right.
Currently only group mapping is possible but it must be extended in the same way for role mapping.

@chicco785

This comment has been minimized.

chicco785 commented Feb 3, 2018

would be a pr welcome?

@brasseld

This comment has been minimized.

Member

brasseld commented Feb 3, 2018

Sure, it would be!

@brasseld brasseld changed the title from Using oauth scopes to assign roles in gravitee to [management-api] Using oauth scopes to assign roles in gravitee Feb 13, 2018

@brasseld brasseld self-assigned this Aug 27, 2018

@brasseld brasseld added this to the 1.19.0 milestone Aug 27, 2018

brasseld added a commit to gravitee-io/gravitee-management-rest-api that referenced this issue Aug 27, 2018

NicolasGeraud added a commit to gravitee-io/gravitee-management-rest-api that referenced this issue Sep 10, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment