kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-09-24 11:06:24 +02:00
Code Issues Packages Projects Releases Wiki Activity

feat(web-app-openwebui): enable OIDC role-based admin mapping

Browse Source 
Activate ENABLE_OAUTH_ROLE_MANAGEMENT and configure OAUTH_ROLES_CLAIM from
RBAC.GROUP.CLAIM. Define OAUTH_ADMIN_ROLES dynamically based on RBAC group
and application administrator naming convention.

Conversation: https://chatgpt.com/share/68d18e02-d6b8-800f-aaab-920c61b9284a
This commit is contained in:
Kevin Veen-Birkenbach
2025-09-22 20:27:01 +02:00
parent 1baed62078
commit 08720a43c1
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
roles/web-app-openwebui/templates/env.j2
View File

@@ -35,10 +35,10 @@ OAUTH_SCOPES=openid email profile
# Optional: Role Management
# =========================
# Enable automatic role mapping from token claims
# ENABLE_OAUTH_ROLE_MANAGEMENT=true
# OAUTH_ROLES_CLAIM=roles
ENABLE_OAUTH_ROLE_MANAGEMENT=true
OAUTH_ROLES_CLAIM={{ RBAC.GROUP.CLAIM }}
# OAUTH_ALLOWED_ROLES=user
# OAUTH_ADMIN_ROLES=admin
OAUTH_ADMIN_ROLES={{ [ RBAC.GROUP.NAME, application_id ~ '-administrator' ] | path_join }}
# =========================
# Optional: Group Management