Draft: POC: retrieve a list of groups user is part of (!6) · Merge requests · GeoWeb / backend-services / auth-backend

Mizzi van der Ven requested to merge test-poc-knmi into main Mar 27, 2024

Alternative usage of GEOWEB_ROLE_CLAIM.

WAS GEOWEB_ROLE_CLAIM='cognito:groups=adminstrators'
HAS BECOME GEOWEB_ROLE_CLAIM='cognito:groups for cognito, e.g. GEOWEB_ROLE_CLAIM='groups for gitlab
- AKA specifies key from JWKS response where the list of groups can be found
Working: will set a geowebrole header containing a list of the groups a user is part of. A backend can then assign permissions/roles based on the list of groups

Test in combination with: presets-backend!127 (closed). Here a check for the contents of the role-header is done:

Edited Apr 04, 2024 by Mizzi van der Ven

Draft: POC: retrieve a list of groups user is part of