FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login

    Mapping FusionAuth roles to elasticsearch

    Scheduled Pinned Locked Moved
    General Discussion
    0
    2
    1.3k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      vexana @dan
      last edited by

      @dan Sorry forgot to update here. Yes, the integration fixed using OpenID, it works.

      I have another question. By creating role mapping on the elastic side, all the user logins will have same role.

      How is to mapping the FusionAuth role/group to the elastic role? I want my user on FusionAuth login based on their roles.

      I am playing on claims.principal and claims.groups, but not really get it.

      If your OP has the ability to provide groups or roles to RPs via tha use of an OpenID Claim, then you should map this claim to the claims.groups setting in the Elasticsearch realm (see Mapping claims to user properties), and then make use of it in a role mapping as per the example below.

      Reference: https://www.elastic.co/guide/en/elasticsearch/reference/7.9/oidc-role-mapping.html
      Referen

      1 Reply Last reply Reply Quote 0
      • danD
        dan
        last edited by

        @vexana

        I think you want to add a claim into a token? Does this lambda help? https://fusionauth.io/docs/v1/tech/lambdas/jwt-populate/

        Or can you be more precise in what you are looking to do?

        --
        FusionAuth - Auth for devs, built by devs.
        https://fusionauth.io

        1 Reply Last reply Reply Quote 0
        • First post
          Last post