Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Internal/ prefix added to user roles for JIT-provisioned users in OIDC federation flow with userinfo endpoint added #22088

Open
HiranyaKavishani opened this issue Dec 19, 2024 · 1 comment

Comments

@HiranyaKavishani
Copy link
Contributor

Description

When federated IDP users has more than one role, noticed that the "internal/" keyword is getting appended to user roles during user provisioning when the userinfo endpoint is configured in IDP configuration

Steps to Reproduce

  1. Setup IS 7.1-M5 as federated IDP for APIM 4.4.0/any other IS (IS 6.1.0) including user info endpoint
  2. Create an App using Traditional Web Application option from super org
  3. Create a sub org, switch to that org and create a new user
  4. Add necessary roles (more than one) to user in order to access the APP
  5. Login to SP

Version

IS 6.x, 7.x

Environment Details (with versions)

No response

@HiranyaKavishani
Copy link
Contributor Author

Already informed to @sadilchamishka regarding the issue

@HiranyaKavishani HiranyaKavishani changed the title "Internal/" keyword is appended to user roles for JIT-provisioned users in OIDC federation flow with userinfo endpoint configured Internal/ prefix added to user roles for JIT-provisioned users in OIDC federation flow with userinfo endpoint added Dec 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
Status: No status
Development

No branches or pull requests

2 participants