Add the possibility for a user-defined value for admin role in OIDC role_field (e.g. different than admin)
#1939
Labels
suggestion
Feature suggestion
Comments
|
I think this is a great suggestion and I'm in need of it as well. It might also be possible to set the correct group property with a |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
Not an issue proper but a lack of flexibility.
An IDP instance usually serves many Service Providers and sources its authentication from an LDAP/Active Directory instance that may only provide a list of groups/roles under one list attribute.
In this context, authentications may come as ["admin_app1", "superadmin_app2", "project1_dev"]
AFAIU, the OIDC
role_field, as defined for instance with"role_field": "sftpgo_role",needs to haveadminvalue for the user to be considered an SFTPGo admin.This could be difficult to provide in a context as described above.
Describe the solution you'd like
Have the ability to set the admin OIDC role_field value to a custom value.
It'd be handy to be able to say
role_fieldvaluesuperadminis the one that gives admin role to a user.Describe alternatives you've considered
No response
What are you using SFTPGo for?
Enterprise
Additional context
No response
The text was updated successfully, but these errors were encountered: