this post was submitted on 22 Feb 2025
12 points (92.9% liked)
Selfhosted
60426 readers
239 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil.
-
No spam.
-
Posts are to be related to self-hosting.
-
Don't duplicate the full text of your blog or readme if you're providing a link.
-
Submission headline should match the article title.
-
No trolling.
-
Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
You can do this by replacing an existing scope or creating a new one. In some cases I've needed to replace an existing scope with custom mappings, and add the information needed to it. For example I created a custom scope of 'profile', added the relevant claim needed along with the standard scope information, and then associated that to the provider.
To do that, you add an OAuth scope mapping,. That mapping will then add the desired claim information. These are created with small python scripts. Set them to add the relevant claim when a case is matched (ex. User is in group "Admins"). Name the scope "profile", though it could be a new scope (preferred) if owncloud lets you specify them.
In the provider for owncloud add that new or replacement scope. In the Edit settings that's found under Advanced Protocol Settings. You'd add the named scope that correlates to your recently created Claim.
Then verify everything is working as expected; Go to Preview for that Provider. While it won't show you scope names, it will combine the claims into the JWT preview which is convenient for validating you did everything correctly. It helps reduce the extra variable of Owncloud until you get to that point.