Update Token Handling in auth-service for Organization Context #26

Open
opened 2025-06-03 22:56:19 +00:00 by abed.alrahman · 0 comments
Member

Goal: Ensure user's Keycloak Organization membership is included in tokens and propagated as custom headers by auth-service.
Brief Description:

Keycloak Configuration: Define and apply necessary mappers in Keycloak client scopes to include a user's Organization ID(s) and/or name(s) as a claim in the access token (e.g., an organization claim).
auth-service Update:
    Modify VerificationResponse DTO to include the new organization claim.
    Update the buildAuthHeaders helper method in AuthController to parse this claim and add it to a new custom header (e.g., X-User-Organization) that is forwarded to backend services.
    Ensure the X-User-Groups header continues to propagate Keycloak Group memberships (which might now represent departments/teams within an organization).
Goal: Ensure user's Keycloak Organization membership is included in tokens and propagated as custom headers by auth-service. Brief Description: Keycloak Configuration: Define and apply necessary mappers in Keycloak client scopes to include a user's Organization ID(s) and/or name(s) as a claim in the access token (e.g., an organization claim). auth-service Update: Modify VerificationResponse DTO to include the new organization claim. Update the buildAuthHeaders helper method in AuthController to parse this claim and add it to a new custom header (e.g., X-User-Organization) that is forwarded to backend services. Ensure the X-User-Groups header continues to propagate Keycloak Group memberships (which might now represent departments/teams within an organization).
abed.alrahman added the
State
Unverified
Type
Task
labels 2025-06-03 22:56:19 +00:00
abed.alrahman added a new dependency 2025-06-03 22:56:46 +00:00
abed.alrahman added
State
Verified
and removed
State
Unverified
labels 2025-06-04 10:22:44 +00:00
abed.alrahman added this to the V.01 milestone 2025-06-04 10:22:49 +00:00
abed.alrahman added the
Points
8
Priority
High
labels 2025-06-04 10:23:52 +00:00
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Depends on
#9 Design the Group/Tenant Feature
clevermicro/user-management
Reference: clevermicro/user-management#26