OIDC Authorization after successful Authentication? #2926

New Issue

OVERLORD · 2026-02-05T05:45:40+03:00

OVERLORD commented

2026-02-05 05:45:40 +03:00

Originally created by @mschaefers on GitHub (Jul 28, 2022).

Attempted Debugging

I have read the debugging page

Searched GitHub Issues

I have searched GitHub for the issue.

Describe the Scenario

I configured Bookstack to Authenticate via OIDC

Now I need to Authorize an authenticated user to limit access to users that match certain critera (role, group)
Is there any way to do that in Bookstack?

Exact BookStack Version

v21.12

Log Content

No response

PHP Version

No response

Hosting Environment

HELM Chart installation on RedHat OKD4 (https://k8s-at-home.com/charts/ v.4.4.2)

Originally created by @mschaefers on GitHub (Jul 28, 2022). ### Attempted Debugging - [X] I have read the debugging page ### Searched GitHub Issues - [X] I have searched GitHub for the issue. ### Describe the Scenario I configured Bookstack to Authenticate via OIDC Now I need to **Authorize** an authenticated user to limit access to users that match certain critera (role, group) Is there any way to do that in Bookstack? ### Exact BookStack Version v21.12 ### Log Content _No response_ ### PHP Version _No response_ ### Hosting Environment HELM Chart installation on RedHat OKD4 (https://k8s-at-home.com/charts/ v.4.4.2)

OVERLORD added the 🐕 Support label 2026-02-05 05:45:40 +03:00

OVERLORD closed this issue

2026-02-05 05:45:43 +03:00

OVERLORD commented

2026-02-05 05:45:53 +03:00

@ssddanbrown commented on GitHub (Jul 28, 2022):

Hi @mschaefers,
Within the registrations settings is a "Default Registration Role" option that can be used to apply a single role to new users accessing via OIDC.

There is no group/role sync for OIDC at this time, but I am seeking varied feedback in #3004 for future implementation.
Upon that, our logical theme system does provide methods of hooking into the registration/auth events to run custom logic where needed.

@ssddanbrown commented on GitHub (Jul 28, 2022): Hi @mschaefers, Within the registrations settings is a "Default Registration Role" option that can be used to apply a single role to new users accessing via OIDC. There is no group/role sync for OIDC at this time, but I am seeking varied feedback in #3004 for future implementation. Upon that, our [logical theme system](https://github.com/BookStackApp/BookStack/blob/development/dev/docs/logical-theme-system.md) does provide methods of hooking into the registration/auth events to run custom logic where needed.

OVERLORD commented

2026-02-05 05:45:57 +03:00

@ssddanbrown commented on GitHub (Aug 2, 2022):

I will therefore close this off, with #3004 being targeted on a solution to achieve the requested functionality.

@ssddanbrown commented on GitHub (Aug 2, 2022): I will therefore close this off, with #3004 being targeted on a solution to achieve the requested functionality.

OVERLORD referenced this issue

2026-02-05 10:24:21 +03:00

[PR #2926] [MERGED] New Crowdin updates #6095

Sign in to join this conversation.

Branches Tags

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#2926