TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-12 03:57:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: ensure minimal scope for azure ad (#5686)

Browse Source 
* fix: ensure minimal scope for azure ad

* docs(idps): mention scopes which are always sent

---------

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
This commit is contained in:
Livio Spring
2023-04-17 09:02:16 +02:00
committed by GitHub
parent 8e19f0f6c3
commit 4c482619da
6 changed files with 37 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docs/docs/guides/integrate/identity-providers/azure-ad.mdx
View File

@@ -77,7 +77,7 @@ You only have to add the client ID and secret, you have created in the step befo
You can configure the following settings if you like, a useful default will be filled if you don't change anything:
**Scopes**: The scopes define which scopes will be sent to the provider, `openid`, `profile`, and `email` are prefilled.
This information will be taken to create/update the user within ZITADEL. Make sure to also add `User.Read`
This information will be taken to create/update the user within ZITADEL. Make sure to also add `User.Read`. ZITADEL ensures that at least `openid` and `User.Read` scopes are always sent.
**Email Verified**: Azure AD doesn't send the email verified claim in the users token, if you don't enable this setting.
The user is then created with an unverified email, which results in an email verification message.

2
docs/docs/guides/integrate/identity-providers/github.mdx
View File

@@ -61,7 +61,7 @@ The GitHub provider templates have everything you need preconfigured. You only h
You can configure the following settings if you like, a useful default will be filled if you don't change anything:
**Scopes**: The scopes define which scopes will be sent to the provider, `openid`, `profile`, and `email` are prefilled.
This information is used to create and/or update the user within ZITADEL.
This information is used to create and/or update the user within ZITADEL. ZITADEL ensures that at least the `openid`-scope is always sent.
<GeneralConfigDescription provider_account="GitHub account" />

2
docs/docs/guides/integrate/identity-providers/gitlab.mdx
View File

@@ -62,7 +62,7 @@ Add the client ID and secret you have created in the Gitlab Application.
You can configure the following settings if you like, a useful default will be filled if you don't change anything:
**Scopes**: The scopes define which scopes will be sent to the provider, `openid`, `profile`, and `email` are prefilled. This informations will be taken to create/update the user within ZITADEL.
**Scopes**: The scopes define which scopes will be sent to the provider, `openid`, `profile`, and `email` are prefilled. This informations will be taken to create/update the user within ZITADEL. ZITADEL ensures that at least the `openid`-scope is always sent.
<GeneralConfigDescription provider_account="GitLab account" />

2
docs/docs/guides/integrate/identity-providers/google.mdx
View File

@@ -45,7 +45,7 @@ Add the client ID and secret created before on your Google App.
You can configure the following settings if you like, a useful default will be filled if you don't change anything:
**Scopes**: The scopes define which scopes will be sent to the provider, `openid`, `profile`, and `email` are prefilled. This information will be taken to create/update the user within ZITADEL.
**Scopes**: The scopes define which scopes will be sent to the provider, `openid`, `profile`, and `email` are prefilled. This information will be taken to create/update the user within ZITADEL. ZITADEL ensures that at least the `openid`-scope is always sent.
<GeneralConfigDescription provider_account="Google account" />