Unrelated admin group is created instead of adding user to the nextcloud administrators group
Opened this issue ยท 3 comments
I am currently using Authentik with the OIDC provider backend. I already tried to pass groups as the simple array:
["admin"]
and using the object:
[{"gid": "admin", "displayName": "admin"}]
The payload that sent is:
{
"name": "some user name",
"groups": [
{
"displayName": "admin",
"gid": "admin"
}
],
"quota": "200 GB",
"user_id": "some user id"
}
My OIDC is configured as follows:
I've got the same issue.
Looking at the other OIDC project it seems like they have an is_admin
attribute. Maybe it'll be worth looking into how that works and implement a similar functionality? The current method seems kinda hacky
I've found the fix that worked for me. By default the Use unique user ID
is enabled. This hashes the user ids and group ids with the provider name. Disabling that was everything I had to do to make it work.
I can see you also have that enabled so I suggest you disable it and see if it works.
For the maintainers, maybe this info can be written in the Readme and/or in the checkbox description unless you'll look at the implementation I mentioned in my previous comment? I'm sure it'll shave some debugging hours off of future admins' installation process.
I've found the fix that worked for me. By default the
Use unique user ID
is enabled. This hashes the user ids and group ids with the provider name. Disabling that was everything I had to do to make it work.I can see you also have that enabled so I suggest you disable it and see if it works.
For the maintainers, maybe this info can be written in the Readme and/or in the checkbox description unless you'll look at the implementation I mentioned in my previous comment? I'm sure it'll shave some debugging hours off of future admins' installation process.
Cool! This fixed the issue for me, thanks! But if a user needs more than one provider this might be an issue.