starred/pocket-id-pocket-id-2
1
0
Fork 0
mirror of https://github.com/pocket-id/pocket-id.git synced 2025-12-09 14:42:59 +03:00
Code Issues 116 Packages Projects Releases 10 Wiki Activity

🚀 Feature: Groups #504

New Issue
Closed
opened 2025-10-09 16:50:54 +03:00 by OVERLORD · 12 comments
OVERLORD commented 2025-10-09 16:50:54 +03:00
Owner
Copy Link

Originally created by @schlaggi on GitHub.

Feature description

You may have that on your todo list, but it would be great to have groups.

Pitch

I would like to put users in those groups and want the groups to be populated in the groups field via OIDC so that those groups will be recognized and honored by the OIDC client to eg. automatically grant specific rights.
But keep your minimalist approach. I love it.

Originally created by @schlaggi on GitHub. ### Feature description You may have that on your todo list, but it would be great to have groups. ### Pitch I would like to put users in those groups and want the groups to be populated in the groups field via OIDC so that those groups will be recognized and honored by the OIDC client to eg. automatically grant specific rights. But keep your minimalist approach. I love it.
OVERLORD added the feature label 2025-10-09 16:50:54 +03:00
OVERLORD commented 2025-10-09 16:50:57 +03:00
Author
Owner
Copy Link

@larsassink commented on GitHub:

+1

@larsassink commented on GitHub: +1
OVERLORD commented 2025-10-09 16:50:57 +03:00
Author
Owner
Copy Link

@stonith404 commented on GitHub:

Currently I'm really busy but I've started with this feature and it has the highest priority at the moment.

@stonith404 commented on GitHub: Currently I'm really busy but I've started with this feature and it has the highest priority at the moment.
OVERLORD commented 2025-10-09 16:50:57 +03:00
Author
Owner
Copy Link

@danielgraycode commented on GitHub:

+1 to this too. Just trying out PocketID and seems promising, groups would help ease any transition from another auth provider!

@danielgraycode commented on GitHub: +1 to this too. Just trying out PocketID and seems promising, groups would help ease any transition from another auth provider!
OVERLORD commented 2025-10-09 16:50:59 +03:00
Author
Owner
Copy Link

@stonith404 commented on GitHub:

Thanks for the suggestion, that's probably a must-have feature.

@stonith404 commented on GitHub: Thanks for the suggestion, that's probably a must-have feature.
OVERLORD commented 2025-10-09 16:50:59 +03:00
Author
Owner
Copy Link

@larsassink commented on GitHub:

Any updates on this? @stonith404

@larsassink commented on GitHub: Any updates on this? @stonith404
OVERLORD commented 2025-10-09 16:51:00 +03:00
Author
Owner
Copy Link

@stonith404 commented on GitHub:

I've finished the first version of user groups. Could you try the the stonith404/pocket-id:development image and give me feedback on the implementation?

It probably contains some bugs as I didn't completely finished it yet but it would be nice if I get some feedback. Thanks :)

@stonith404 commented on GitHub: I've finished the first version of user groups. Could you try the the `stonith404/pocket-id:development` image and give me feedback on the implementation? It probably contains some bugs as I didn't completely finished it yet but it would be nice if I get some feedback. Thanks :)
OVERLORD commented 2025-10-09 16:51:00 +03:00
Author
Owner
Copy Link

@larsassink commented on GitHub:

Tested it extensively with multiple projects. So far, no errors and everything works like it should be!

@larsassink commented on GitHub: Tested it extensively with multiple projects. So far, no errors and everything works like it should be!
OVERLORD commented 2025-10-09 16:51:01 +03:00
Author
Owner
Copy Link

@stonith404 commented on GitHub:

I forgot to mention that it is required to add the groups scope to the configuration of the OIDC client. Only when you add this scope, the groups will be returned.

In Cloudflare Zero Trust the configuration would look like this:
Screenshot 2024-10-03 at 11 59 10

@stonith404 commented on GitHub: I forgot to mention that it is required to add the `groups` scope to the configuration of the OIDC client. Only when you add this scope, the groups will be returned. In Cloudflare Zero Trust the configuration would look like this: ![Screenshot 2024-10-03 at 11 59 10](https://github.com/user-attachments/assets/4ae9573c-0333-457b-8ad5-0cd66e8c4cad)
OVERLORD commented 2025-10-09 16:51:01 +03:00
Author
Owner
Copy Link

@stonith404 commented on GitHub:

Great, thank you for testing! It should now be available in v0.6.0.

@stonith404 commented on GitHub: Great, thank you for testing! It should now be available in `v0.6.0`.
OVERLORD commented 2025-10-09 16:51:03 +03:00
Author
Owner
Copy Link

@schlaggi commented on GitHub:

I tested it with Portainer and it worked flawlessly.
I‘ll try to do more testing.

Thank you!

@schlaggi commented on GitHub: I tested it with Portainer and it worked flawlessly. I‘ll try to do more testing. Thank you!
OVERLORD commented 2025-10-09 16:51:04 +03:00
Author
Owner
Copy Link

@ovizii commented on GitHub:

Great, thank you for testing! It should now be available in v0.6.0.

Sorry, I may be too tired, a few lines below I found:

  "scopes_supported": [
    "openid",
    "profile",
    "email"
  ],

Any idea why groups is not listed here?

@ovizii commented on GitHub: > Great, thank you for testing! It should now be available in `v0.6.0`. Sorry, I may be too tired, a few lines below I found: ``` "scopes_supported": [ "openid", "profile", "email" ], ``` Any idea why groups is not listed here?
OVERLORD commented 2025-10-09 16:51:04 +03:00
Author
Owner
Copy Link

@ovizii commented on GitHub:

Great, thank you for testing! It should now be available in v0.6.0.

I'm on 0.35.5 and if I access https://my.pocket.id.tld/.well-known/openid-configuration I see:

  "claims_supported": [
    "sub",
    "given_name",
    "family_name",
    "name",
    "email",
    "email_verified",
    "preferred_username",
    "picture"
  ],

I understand these are claims, not scopes but is there a similar URL to check the supported scopes?

@ovizii commented on GitHub: > Great, thank you for testing! It should now be available in `v0.6.0`. I'm on 0.35.5 and if I access https://my.pocket.id.tld/.well-known/openid-configuration I see: ``` "claims_supported": [ "sub", "given_name", "family_name", "name", "email", "email_verified", "preferred_username", "picture" ], ``` I understand these are claims, not scopes but is there a similar URL to check the supported scopes?
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
breaking
bug
documentation
feature
needs more upvotes
open to pull requests
pull-request
Mirrored from GitHub Pull Request
No Label feature
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
OVERLORD
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/pocket-id-pocket-id-2#504
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?