OIDC authentication and claims

Description of your problem

It doesn’t appear to be possible to specify required claims for OIDC authentication. This is critical when using Google authentication to prevent other users (from other organizations) from logging in. This is done using the hd: claim (OpenID Connect | Google Identity | Google Developers).

Description of steps you’ve taken to attempt to solve the issue

I’ve tested the authentication mechanism and Google does not require a relevant domain.

Environmental information

Graylog 4.2.0+5adccc3

Operating system information

  • CentOS 7
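
Added example, not part of the original thread and not Graylog code: a Python sketch of the required-claims check the post asks for, applied to claims from an ID token whose signature the OIDC client library has already verified (assumed). The policy table, client ID, domains and sample users are constructed for illustration.

```python
import time

# Hypothetical policy for this example: claim name -> allowed values.
REQUIRED_CLAIMS = {
    "iss": {"https://accounts.google.com", "accounts.google.com"},
    "aud": {"constructed-client-id.apps.googleusercontent.com"},
    "hd": {"example.com"},  # Google hosted-domain claim
}


def check_claims(claims, required=REQUIRED_CLAIMS, now=None):
    """Return a list of policy violations; an empty list means allow.

    `claims` must come from an ID token whose signature was already
    verified by the OIDC client library (assumed, not done here).
    """
    now = time.time() if now is None else now
    problems = []
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        problems.append("exp: missing or expired")
    for name, allowed in required.items():
        if name not in claims:
            # A missing required claim is a failure, never a pass.
            problems.append(f"{name}: missing")
            continue
        value = claims[name]
        # aud may be a single string or a list of audiences.
        values = value if isinstance(value, list) else [value]
        if not any(isinstance(v, str) and v in allowed for v in values):
            problems.append(f"{name}: value not allowed")
    return problems


# Constructed sample claims (not real tokens).
NOW = 1_700_000_000
BASE = {
    "iss": "https://accounts.google.com",
    "aud": "constructed-client-id.apps.googleusercontent.com",
    "exp": NOW + 3600,
}
WORKSPACE_USER = {**BASE, "email": "alice@example.com", "hd": "example.com"}
OTHER_ORG_USER = {**BASE, "email": "bob@other.example", "hd": "other.example"}
# Consumer account registered with an example.com address: no hd claim,
# so an e-mail suffix check alone would wrongly accept it.
CONSUMER_USER = {**BASE, "email": "mallory@example.com"}
```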

Hi @ceeceegee, I’d recommend raising this in the GitHub project: GitHub - Graylog2/graylog2-server: Free and open source log management. Our developers are engaged over there and should be able to help out with addressing the issue you’re seeing with the OIDC integration.

Great, thanks! I’ve raised a feature request now: OIDC claim support missing in Graylog Enterprise · Issue #11528 · Graylog2/graylog2-server · GitHub