Customize mapping the OidcUser from OidcUserRequest and OidcUserInfo #14672
Labels
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement
A general enhancement
Milestone
When logging a user in with OpenID Connect 1.0, there are cases where authority information is included in the access token returned by the IdP. Currently, the only way to map authorities to the user based on the access token is to use delegation with
OidcUserService
(docs) orOidcReactiveOAuth2UserService
(docs). As mentioned in the docs, this is a more advanced option.It would be nice to be able to directly customize the mapping of the
OidcUser
, with the added benefit of being able to map the authorities based on the access token without the need for delegation. For example:Related gh-12275
The text was updated successfully, but these errors were encountered: