Skip to content

feat: Set groups based on Entra groups (Azure auth module) #7736

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 13, 2025
Merged

feat: Set groups based on Entra groups (Azure auth module) #7736

merged 1 commit into from
Aug 13, 2025

Conversation

pianosaurus
Copy link
Contributor

Add group synchronization for Entra ID (aka. Azure AD)

Azure AD is now called Entra, hence the name of the auth module.

This is a copy-paste of the code used from generic OAuth2, except the group claim name is always "groups". This is not configurable in Entra, so no configuration is needed here either. It solves #1874 for the Azure module, as others have already done for SAML and OIDC.

User how-to

  1. Enable the "groups" claim in Entra under App Registrations ("Token configuration" -> "Add groups claim").
  2. Edit the Azure auth module in Wiki.js, and enable the new setting ("Map groups").
  3. Create the groups in Wiki.js.
  4. Groups are mapped during the auth process, so users have to log in again.

@auto-assign auto-assign bot requested a review from NGPixel August 11, 2025 15:07
@NGPixel NGPixel merged commit c093423 into requarks:main Aug 13, 2025
@NGPixel
Copy link
Member

NGPixel commented Aug 13, 2025

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@NGPixel NGPixel NGPixel approved these changes

Assignees

@NGPixel NGPixel

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@pianosaurus @NGPixel @defa-services