OIDC and Automatic User Creation

Started by Al Muckart, Today at 05:25:03 AM

When using OIDC and wanting to automatically create users, is it possible to make user creation require the existence of a specific group returned by the OIDC server?

As far as I can tell at the moment the user will be created if authorisation succeeds regardless of group configuration, leaving no way to restrict access to a specific set of users without putting an auth proxy in front of the firewall.

If OPNsense could check for the existence of a group and deny authorisation if the user is not a member of that group it would make OIDC quite a lot easier to use in situations where there are multiple people/teams who require access.

Thanks.