`idp_groups` is the list of groups the IdP user belongs to, as returned
in the OIDC provider's token response. The flow of IdP group mapping is
as follows:
The OIDC Provider (OP) returns a custom claim containing the groups in
the token on an authentication event.
|
The value of the custom claim is mapped to the `idp_groups` identity
trait using a Jsonnet mapper.
|
On insert/update/delete in the `identities` table, PostgreSQL
sends a pg_notification with
`PG_OPERATION,IDENTITY_ID,IDENTITY_TRAIN` as the payload.
|
`pkg/service/user.UserService.UpdateIdpUserGroupPolicy` updates
the casbin policies for each notification, based on the payload received.
{
"$id": "https://schemas.ory.sh/presets/kratos/quickstart/email-password/identity.schema.json",
"$schema": "http://json-schema.org/draft-07/schema#",
"title": "Person",
"type": "object",
"properties": {
"traits": {
"type": "object",
"properties": {
"first_name": {
"title": "First name",
"type": "string",
"pattern": "^.*$"
},
"last_name": {
"title": "Last name",
"type": "string",
"pattern": "^.*$"
},
"description": {
"title": "Description",
"type": "string",
"pattern": "^.*$"
},
"email": {
"type": "string",
"format": "email",
"title": "E-Mail",
"minLength": 3,
"ory.sh/kratos": {
"credentials": {
"password": {
"identifier": true
}
},
"verification": {
"via": "email"
},
"recovery": {
"via": "email"
}
}
},
"idp_groups": {
"title": "IDP groups",
"type": "array",
"items": {
"type": "string"
}
}
},
"required": [
"first_name",
"last_name",
"description",
"email"
],
"additionalProperties": false
}
}
}