Here is an example of a TIB profile configured for dynamic user group permission.
Please see the link for more information of the fields and groups.
{
"ID": "openid-demo-two",
"Name": "",
"OrgID": "612fc4695653740001a14f9b",
"ActionType": "GenerateOrLoginUserProfile",
"MatchedPolicyID": "",
"Type": "redirect",
"ProviderName": "SocialProvider",
"CustomEmailField": "",
"CustomUserIDField": "",
"ProviderConfig": {
"CallbackBaseURL": "https://immense-injoke-adm.aws-usw2.cloud-ara.tyk.io",
"FailureRedirect": "https://immense-injoke-adm.aws-usw2.cloud-ara.tyk.io/?fail=true",
"UseProviders": [
{
"DiscoverURL": "https://login.microsoftonline.com/XXXXXXXXXXXXXX-XXXX-XXXXXXXXXXXXX/v2.0/.well-known/openid-configuration",
"Key": "2774a44e-5a2c-422b-b236-7413b0XXXXXX",
"Name": "openid-connect",
"Scopes": null,
"Secret": "odR8Q~CPBpZ9iFjkrA.0nDXzIytLqeVQ2JXXXXX",
"SkipUserInfoRequest": false
}
]
},
"IdentityHandlerConfig": {
"DashboardCredential": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
},
"ProviderConstraints": {
"Domain": "",
"Group": ""
},
"ReturnURL": "https://immense-injoke-adm.aws-usw2.cloud-ara.tyk.io/tap",
"DefaultUserGroupID": "",
"CustomUserGroupField": "roles", <--scope
"UserGroupMapping": {
"admin": "64381a20a664f9000191d308"
},
"UserGroupSeparator": "",
"SSOOnlyForRegisteredUsers": false
}
Comments
0 comments
Please sign in to leave a comment.