-
Notifications
You must be signed in to change notification settings - Fork 327
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to authorize user using username OR sub claim instead of email address #413
Comments
@cpatel-secureauth that level of access control is not currently natively supported in Vouch Proxy. There are some examples in #107 and other issues in the repository which show how to do it on the Nginx side with openresty. |
@cpatel-secureauth feel free to continue the conversation here. If it becomes evident there's more to discuss I'm happy to reopen the issue. |
#175 is a very similar request |
I have figured out the way to authorize user using sub claim instead of email and its required to change code in openid provider. oauth: |
@cpatel-secureauth have you seen #367 and #310. That's also Could you test #367 and see if that works for you? |
I have created new provider called "secureauth" and tested sub focused authorization. |
@cpatel-secureauth of course I understand why you'd like to have a new provider for Did you look at #367? What did you think? Thanks again to you and SecureAuth for you interest in Vouch Proxy. |
@bnfinet It is working as expected. I didn't see #367 before and I am glad that I was able to figure out my self. // PrepareUserData implement PersonalData interface |
I have tested authentication successfully as Email which is within a Vouch Proxy managed domain.
To avoid below error , I was looking for something which I can authorize user using Username OR Sub claim.
{"level":"warn","ts":1629395919.9066803,"msg":"/auth User is not authorized: verifyUser: Email is not within a Vouch Proxy managed domain
Is it possible?
The text was updated successfully, but these errors were encountered: