feat(docs): how to troubleshoot admin_group_regex with oidc (#684)

Added instructions for identifying claims in OIDC user info payload for admin rights.
This commit is contained in:
nesbyte
2026-05-18 23:31:46 +03:00
committed by GitHub
parent 958dcb8fa9
commit 835f76bf58

@@ -602,6 +602,7 @@ Below are the properties for each OIDC provider entry inside `auth.oidc`:
- **Description:** WgPortal can grant a user admin rights by matching the value of the `is_admin` claim against a regular expression. Alternatively, a regular expression can be used to check if a user is member of a specific group listed in the `user_group` claim. The regular expressions are defined in `admin_value_regex` and `admin_group_regex`.
- `admin_value_regex`: A regular expression to match the `is_admin` claim. By default, this expression matches the string "true" (`^true$`).
- `admin_group_regex`: A regular expression to match the `user_groups` claim. Each entry in the `user_groups` claim is checked against this regex.
- To identify which claim to match against, set log_level: debug and reload the config. Log in with the intended admin account and inspect the logs for the OIDC user info payload. If the required claim is missing it must be added by the OIDC provider. If it is present, use its value as the pattern for admin_group_regex.
#### `registration_enabled`
- **Default:** `false`
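Review bot: In the added troubleshooting bullet, "use its value as the pattern for admin_group_regex" should tell the reader to anchor the pattern, as the `^true$` default for `admin_value_regex` two lines above does. A group name pasted in as-is is still a regular expression, and if it is matched unanchored it would also accept any other group name that contains it. The same bullet should say to set the log level back once the claim has been found, since the debug output it relies on contains the OIDC user info payload. `log_level: debug` and `admin_group_regex` should also be in backticks like the other property names in this list.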