Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How do I map an IdP group to be Moodle admins? #847

Open
bdruth opened this issue Dec 3, 2024 · 2 comments
Open

How do I map an IdP group to be Moodle admins? #847

bdruth opened this issue Dec 3, 2024 · 2 comments
Labels
question

Comments

@bdruth
Copy link

bdruth commented Dec 3, 2024

Apologies, but I'm not entirely grokking the group rules. My goal (at this point) is simple - I have a group defined in the IdP, being passed over, and I want members of that group to be considered site admins. What's the most straightforward way to do that? e.g. my IdP group comes over as moodle-admins.

    "Groups": [
        "moodle-admins"
    ],
@kabalin
Copy link
Collaborator

kabalin commented Dec 4, 2024

Hello @bdruth, the IdP setting "For admin users only" allows to make every user an admin for IdP. I guess you have non-admin users too, in that case the way to differentiate would be to create two IdPs at SAML end (plugin supports multiple IdPs), one would be for admins only, and another one for all other users. I don't see any other option to achieve that, may be someone has different idea.

@bdruth
Copy link
Author

bdruth commented Dec 4, 2024
edited
Loading

Gotcha, thanks, I'll take a look at that!

Edit: one problem with this might be that Google Workspace doesn't allow the same Entity ID to be setup across SAML apps? I'll see if there's any way around that.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kabalin @bdruth