Hey all,
I’m currently leveraging the Authorization Extension alongside a custom action to populate a custom-namespaced my.domain/groups claim within my tokens.
This works great! However, I’m sourcing my groups from Google - and would like to use group email rather than group name. The Google Enterprise connector is able to provide groups in a list of JSON objects (id, name, email) or name strings (“extended” vs. “simplified”)
(as a tangent, it is frustrating I can’t just choose email string from this option list!)
If I switch to JSON objects however, the Authorization Extension panics, and requests that the array of groups should be strings (which is annoying, I’m mapping them to strings in a subsequent action anyway, I just need the information propagated so it’s retrievable).
Is there anything I can do to stop the Authorization Extension from validating the groups it’s forwarding? Using emails for my group names would really be preferable!
Thanks,
Sam.