How to map user information during enrollment via oauth source #8342
Comments
|
Currently this has to be done in the enrollment/authentication flow through policies, before the user_write stage, you can access (It's been on our roadmap for quite a long time to add property mappings for saml/oauth sources) |
|
Thank you very much ! I got a working solution . Tomorrow or a least till end of this week I will add a pull request to improve the documentation. It might help others ( or me the next time ) . |
can u provide your mappings, for all us uninitiated users out there :D i have the same problem... |
|
@leisefuxX Have a look at the pull request and let me know if its understandable . 😅 |
|
hey @tograss your solution works as intended and your documentation of the solution is also understandable and easy to follow. It would be cool if a corresponding azure-enrollment was directly on board and you could simply click it together... maybe that would be something for 2023.10.8 (: thanks for sharing and posting! you helped me a lot |
hi, The solution involves creating a policy expression and applying it to the flow that generates the user on the first access. I configured a policy like this: username = request.context["oauth_userinfo"]["unique_name"] This way, the username field is populated correctly. You can also populate other fields such as email if they coincide: I hope this can be helpful. |
I'm trying to connect Authentik and Microsoft Entra ( former Azure AD) . I can setup the connection and login with my test user but how
do I map the properties from the entra user to the corresponding authentik user?
Any hints or a link to the relevant documentation would be really appreciated.
Maybe this can also be phrased as a more general question how to I map information from federated idp providers. For LDAP there are property mappings but the same does not exist for saml / oauth sources.
The text was updated successfully, but these errors were encountered: