Skip to main content
Solved

IAM - OpenID Providers roles claim is sometimes missing.

Geurt
Captain
Forum|alt.badge.img+5

I have set up an OpenID provider in IAM, allowing users to log in to the application via SSO. Now, I want to link user groups to this role using the 'roles' claim.

I am facing an issue, and I think it might be related to the number of roles assigned to a user, as in some cases, there are quite a lot of them, but it could also be something else. For some users, I see a long list of roles where I could filter by ID to find the correct role, but for other users, I don’t receive any role claim at all, even though these are configured in their Azure AD.

 

Does anyone happen to know what might be causing this?

Best answer by Geurt

Hello Renée,

I solved it by creating a new claim and giving the role with it. This gives a smaller set of roles than the previous role claim.

But true I looked in the JSON message in Login attempts and sometimes a user had a list of roles en sometimes not.

View original
Incentro - Legacy Modernization
Did this topic help you find an answer to your question?
This topic has been closed for comments

Renée Evertzen
Moderator
Forum|alt.badge.img+3

Hello @groos ,

Am I correct to assume that you've checked the Login attempts tab page in the OpenID providers menu in IAM? I assume that this is where you’ve noticed that for some users a list of roles is returned and for others it isn't. I suspect the issue to be located somewhere in the JSON data that is being provided to IAM.

Do you have access to the JSON data that is being returned?

If so, is there any chance that we could take a look at it to rule some things out?

Kind regards,

Renée

Geurt
Captain
Forum|alt.badge.img+5
  • GeurtCaptain
  • Captain
  • October 21, 2024

Hello Renée,

I solved it by creating a new claim and giving the role with it. This gives a smaller set of roles than the previous role claim.

But true I looked in the JSON message in Login attempts and sometimes a user had a list of roles en sometimes not.

Incentro - Legacy Modernization
Marius Korff
1 person likes this
  • Marius Korff
    Marius Korff
Terms & ConditionsCookie settings

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings