Getting atributes from LDAP Group into the JWT Token in RH-SSO

Solution Unverified - Updated -

Issue

  • Getting atributes from LDAP Group into the JWT Token in RH-SSO
  • How to configure the client scopes mappers/AD user federation to put an array of attributes whose values comes from an user's group ?
  • In the JWT we can observe an attribute with the list of group with their names like this:

    "groups" = [
                "/sales",
                "/country-X",
                "/group-name-YY"
    ]
    

    but we what we really need is to present the group names and their objectGUID (or other attributes), something like:

    "groups" = [
            { "name": "/sales",  "attribute_1" : "123123"},
            { "name": "/country-X",  "attribute_1" : "123123"},
            { "name": "/group-name-YY",  "attribute_1" : "123123"}
    ]
    

    or

    "groups" = [
            "/sales",
            "/country-X",
            "/group-name-YY"
    ]
    "groups_attribute_1" = [
            "123",
            "45",
            "6789"
    ]
    

Environment

  • Red Hat Single Sign-On (RH-SSO)
    • 7.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In