synced/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2025-07-23 21:32:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: add group mapping option for group sync (#6705)

Browse Source 
* feat: add group mapping option for group sync

* fixup! feat: add group mapping option for group sync
This commit is contained in:
Colin Adler
2023-03-21 14:25:45 -05:00
committed by GitHub
parent 120bc4b750
commit 00860cf1c8
12 changed files with 114 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
docs/admin/auth.md
View File

@ -197,4 +197,20 @@ CODER_OIDC_SCOPES=openid,profile,email,groups
On login, users will automatically be assigned to groups that have matching
names in Coder and removed from groups that the user no longer belongs to.
For cases when an OIDC provider only returns group IDs ([Azure AD][azure-gids])
or you want to have different group names in Coder than in your OIDC provider,
you can configure mapping between the two.
```console
# as an environment variable
CODER_OIDC_GROUP_MAPPING='{"myOIDCGroupID": "myCoderGroupName"}'
# as a flag
--oidc-group-mapping '{"myOIDCGroupID": "myCoderGroupName"}'
```
From the example above, users that belong to the `myOIDCGroupID` group in your
OIDC provider will be added to the `myCoderGroupName` group in Coder.
> **Note:** Groups are only updated on login.
[azure-gids]: https://github.com/MicrosoftDocs/azure-docs/issues/59766#issuecomment-664387195