Hi guys,
Two questions:
-
If a user from an external authentication has a 'role' claim set (or a mapping to a claim for role) how does that work internally in ABP? e.g. Is it just ignored if it doesnt have a matching local role name?
-
If i wanted to map role names from claims to local roles what service or models would i need to extend or override?
Regards,
Pete
2 Answer(s)
-
0
Sorry question 3
If the incoming roles are coming in with claim name 'group' is there a configuration option i can use to automatically map that to 'role'? I have tried a heap of different config combinations but im not sure if they should work or not based on the 2 questions above
-
0
-
An externally logged user creates a local account that ignores the role claim . See https://github.com/abpframework/abp/blob/c923dfd045c1d365d849d85eeabd817ff1648e42/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Login.cshtml.cs#L210
-
You can override
CreateExternalUserAsyncmethod. -
There is no such configuration
-
