This issue has been created
 
 
OpenId Connect / OIDC-185 Open

Group membership is applied only when explicitly claimed for the userinfo

 
 

Issue created

 
Thomas Mortagne created this issue on 03/Jul/24 15:05
 
Summary: Group membership is applied only when explicitly claimed for the userinfo
Issue Type: Bug
Affects Versions: 2.10.0
Assignee: Unassigned
Components: Authenticator
Created: 03/Jul/24 15:05
Priority: Major
Reporter: Thomas Mortagne
Description:

It makes sense for most cases, but it's not the only way to get groups in more exotic use cases:

  • it could be part of the id token claim
  • it could be sent by the provider without any explicit claim