Thanks! This was really usefull!
I was wondering if there is any way to easily import roles from IDP to App Server.
As of right now I am thinking about making the following steps:
-
Allow to specify scope in frappe provider in OAuth Provider Settings
-
Create a new scope called roles
-
Include active roles on the profile callback
- Change “openid_profile” to a more generic profile?
-
Modify “update_oauth_user” in order to update roles on login
Do you think I am missing any steps?
As a last question, I saw on Github you were planning on using the OAUTH Token to query the API, is there any progress on this?
Regards!