[entraid] store entra appId in plugin settings

This PR stores the Entra ID appID of the application used for SSO in Entra ID plugin settings. This field filled in a best effort scenario and might be empty for old Entra Plugins. Newly created plugins will make the field mandatory. Signed-off-by: Tiago Silva <[email protected]>
gravitational · Nov 11, 2024 · fe49e4b · fe49e4b
1 parent 6b573d6
commit fe49e4b
Show file tree

Hide file tree

Showing 4 changed files with 439 additions and 365 deletions.
diff --git a/api/proto/teleport/legacy/types/types.proto b/api/proto/teleport/legacy/types/types.proto
@@ -6498,6 +6498,11 @@ message PluginEntraIDSyncSettings {
   // This field is populated on a best-effort basis for legacy plugins but mandatory for plugins created after its introduction.
   // For existing plugins, it is filled in using the Entra integration when utilized.
   string tenant_id = 4;
+
+  // app_id refers to the Azure Application ID that supports the SSO for "sso_connector_id".
+  // This field is populated on a best-effort basis for legacy plugins but mandatory for plugins created after its introduction.
+  // For existing plugins, it is filled in using the entity descriptor url when utilized.
+  string app_id = 5;
 }
 
 // EntraIDCredentialsSource defines the credentials source for Entra ID.