By: Nicolas Assain user 17 Jul 2020 at 10:38 a.m. CDT

1 Response
Nicolas Assain gravatar
I would like to be able to set a Default Group for all the new users that self-register using the URL for that purpose. This way, all new users will go automatically in a "Welcome" group that will give them some kind of access to our JIRA instance. Apparently Gluu doesn't have this feature out of the box, and since the fresh user doesn't have ANY permission at all, the SSO gives them an error when they are redirected to JIRA. Would be able to develop a Custom Script to handle this? I'm not a Developer so all help that you can provide me would be very much appreciated!! Thanks in advance.

By Michael Schwartz staff 17 Jul 2020 at 11:26 a.m. CDT

Michael Schwartz gravatar
It depends how users are registering. For a consumer facing implementation like SaktiCoin, we'd recommend writing your own registration workflow in your portal, and when you've vetted the user, to POST to the SCIM `/Users` endpoint to create the account in the Gluu Server. Alternately, you can also consider using an interception script for registration. Take a look at [this example](https://github.com/GluuFederation/oxAuth/tree/master/Server/integrations/custom_registration) While you are saying "Groups", I'd recommend you use the `role` attribute of the user. User claims can be passed to your application via an OpenID Scope. Note: we do not recommend that you use the built in registration feature of oxTrust (i.e. if your using the registration under the `/identity` path). This is not safe, as oxTrust is better if it's not Internet facing. You don't want to worry about a privilege escalation attack enabling hackers to gain access to the admin interface.