It would be very helpful if Bacularis evaluated and mapped attributes that are sent within the JWT.
For example, you could define groups/roles in your IDP which are then translated into Bacularis roles.
This way you can manage the role of a user inside the IDP and you don't have to manage them in Bacularis itself.
I'll also post an example of a JWT below.
{
  "iss": "https://idp.example.com/application/o/bacularis/",
  "sub": "jsi",
  "aud": "*********clientid************************",
  "exp": 1770457840,
  "iat": 1770414640,
  "auth_time": 1770414640,
  "acr": "goauthentik.io/providers/oauth2/default",
  "email": "info@example.com",
  "email_verified": true,
  "name": "Name of User",
  "given_name": "Name of User",
  "preferred_username": "user01",
  "nickname": "user01",
  "groups": [
    "authentik Admins",
    "Grafana Admins",
    "Bacularis Admins",
    "MeshcentralAdmin"
  ]
}
The provisioned user will get added to the Administrator role automatically without any admin intervention on the Bacularis side.
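
One way the requested mapping could behave, as an added example that is not part of the original post and not Bacularis code: exact-match the `groups` claim against an allowlist so that groups belonging to other applications grant nothing. The role names, the `Bacularis Operators` group, the client id placeholder and all function names are assumptions, and the token signature is assumed to have been verified by the OIDC library beforehand.

```python
import time

# Hypothetical mapping: "Bacularis Admins" is from the post, the rest is assumed.
GROUP_ROLE_MAP = {
    "Bacularis Admins": "Administrator",
    "Bacularis Operators": "Operator",  # constructed for illustration
}
EXPECTED_ISS = "https://idp.example.com/application/o/bacularis/"
EXPECTED_AUD = "bacularis-client-id"  # placeholder, not a real client id


class ClaimError(ValueError):
    """Raised when the claims must not be used for role assignment."""


def roles_from_claims(claims, now=None):
    """Return the sorted roles granted by already signature-verified claims."""
    now = time.time() if now is None else now
    if claims.get("iss") != EXPECTED_ISS:
        raise ClaimError("unexpected issuer")
    aud = claims.get("aud")
    if EXPECTED_AUD not in (aud if isinstance(aud, list) else [aud]):
        raise ClaimError("token not issued for this client")
    exp = claims.get("exp")
    if isinstance(exp, bool) or not isinstance(exp, (int, float)) or exp <= now:
        raise ClaimError("token expired or exp missing")
    groups = claims.get("groups", [])
    if not isinstance(groups, list):
        # A bare string would otherwise be iterated character by character.
        raise ClaimError("groups claim must be a list")
    # Exact match only: no prefix or substring matching, unknown groups grant nothing.
    return sorted({GROUP_ROLE_MAP[g] for g in groups
                   if isinstance(g, str) and g in GROUP_ROLE_MAP})


# Constructed sample modelled on the token in the post.
SAMPLE = {
    "iss": EXPECTED_ISS, "sub": "jsi", "aud": EXPECTED_AUD,
    "exp": 1770457840, "preferred_username": "user01",
    "groups": ["authentik Admins", "Grafana Admins",
               "Bacularis Admins", "MeshcentralAdmin"],
}

if __name__ == "__main__":
    print(roles_from_claims(SAMPLE, now=1770414640))
```

A user whose token carries no mapped group gets an empty role list, so the caller decides whether that means no access or a default low-privilege role.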