external-group-attribute

Use the external-group-attribute entry to indicate which STSUU attribute in the RSTR contains the external group identities used when authenticating an external user. Remove this configuration entry if we do not want to allow authentication using an external group identity.

external-group-attribute = attribute_name

Description

If this entry is set, the appliance searches for an external group identity in the STSUU. If an external group identity is present, it will be used without further changes. If this entry is not configured, an external group identity cannot be used to authenticate the user. We can specify multiple attributes in the form of a comma separated list.

The group information is only used if the user is authenticating as an external user.

Options

attribute_name

The name of the external group identity attribute to be extracted from the RSTR. .

Usage: Optional

Default value

am-ext-user-groups

Example:

external-group-attribute = am-ext-user-groups

Parent topic: [oauth] stanza