Comments (6)
You're right I missed that bit. That would be a welcomed improvement indeed then
from authentik.
We'll probably still call the userinfo endpoint in the end, so that we're able to provide that information for source property mappings (#8771)
from authentik.
We'll probably still call the userinfo endpoint in the end, so that we're able to provide that information for source property mappings (#8771)
So this can't be implemented?
from authentik.
So this can't be implemented?
It would depend on how much data is actually included in the id_token given by azure. From a very quick look at the documentation, it seems like the id_token wouldn't contain all the data that one could retrieve from the userinfo endpoint, but feel free to correct me if I'm wrong
from authentik.
The only field missing is the profile picture, even though the docs say that the fields of the id_token should be a superset of the ones from the userinfo endpoint: https://learn.microsoft.com/en-us/entra/identity-platform/userinfo#consider-using-an-id-token-instead
from authentik.
I have a similar issue with Azure AD and missing information in the userinfo endpoint.
I am not completely sure what the expected implementation would be but for me it would be great to simply have the (decoded) id_token available in an Expression Policy
used in an Enrolment Stage
.
This way it should be very simply to map the needed information to the user accounts.
from authentik.
Related Issues (20)
- custom avatar url: fallback not working HOT 1
- 'AuthenticatorValidateStage' object has no attribute 'friendly_name'
- GET https://login.coinbase.com/oauth2/auth?response_type=code&client_id=YOUR_CLIENT_ID&redirect_uri=YOUR_REDIRECT_URL&state=SECURE_RANDOM&scope=wallet:accounts:read
- Using LDAPv3 to authenticate against MacOS HOT 3
- [Guacamole] Rejected OpenID Token HOT 1
- Unable to use application via proxy provider HOT 1
- SAML: Failed to verify Metadata Signature results in Python KeyError results in 405 Metthod not allowed
- Select All Checkbox in "Select permissions to assign" seems broken
- Improve Group Membership Management UI to Display Full Group Path HOT 1
- [2024.06.0] Cannot create groups with the same name HOT 4
- Provide the deleted model state in the event context
- website/docs: integrations: gitea: specify callback url
- Failed attempts is NOT working When Password stage is in Identification Stage
- Parsing error while sending notification mails when display name contains square brackets HOT 1
- Deleted application is still displayed on the dashboard. HOT 1
- Launch URL leads to broken login
- Radius: can't set a password of 128+ characters
- Unable to link discord from settings
- Scriptable property mappings for LDAP outpost HOT 2
- OAuth2/OpenID custom mapping can't serialize python set to JSON
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from authentik.