This repository has been archived by the owner on Apr 26, 2024. It is now read-only.
SSO: support non-toplevel attribute_requirements #14835
Labels
A-SSO
Single Sign-On (maybe OIDC)
O-Uncommon
Most users are unlikely to come across this or unexpected workflow
S-Minor
Blocks non-critical functionality, workarounds exist.
T-Enhancement
New features, changes in functionality, improvements in performance, or user-facing enhancements.
Description:
To the best of my knowledge, it is only possible to configure and check attribute requirements if the attribute is in the toplevel of the claim/access token.
Example
We use keycloak as OIDC provider. The access token of keycloak contains:
I want to allow authentication based on a assigned client-role which is nested inside multiple objects.
Possible solution
A solution could be to allow dot-notation for the attribute requiremtes to access nested elements
The text was updated successfully, but these errors were encountered: