Public/pics
2
2
Fork 3
Code Issues 5 Pull Requests 1 Releases Wiki Activity
Files
555a3dbb957eb7234c3df65a1c770d5e64f40ab6
pics/migrations/2026-02-15-oidc-sub.sql
Yorick van Pelt 555a3dbb95 Match OIDC users by sub claim, auto-enroll, sync admin from groups 
Switch from email-based OIDC matching to the stable `sub` claim.
Existing users are migrated by email on first login, new users are
auto-enrolled from OIDC claims, and admin status is synced from the
IdP's groups claim. Also expose oidc_sub on the admin edit-user page.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-15 19:58:58 +01:00

3 lines
104 B
SQL
Raw Blame History

ALTER TABLE users ADD COLUMN oidc_sub TEXT;
CREATE UNIQUE INDEX idx_users_oidc_sub ON users (oidc_sub);
Reference in New Issue View Git Blame Copy Permalink