User Group Limit

  • felix.cmas
    Participant
    # 2 weeks, 2 days ago

    Hi!

    Recently i’ve run into an issue with our mO SAML SSO plugin, regarding the user group mapping.
    We’re doing manual group mapping of Entra gorups to Confluence groups, and Entra users need to have a specific group set to be able to login to Confluence.

    One of our users is unable to login, even though he is a memver of the required entra group:
    [miniorange.oauth.utils.OAuthHttpUtils] redirectToLoginWithOAuthError Authentication failed because The user is not allowed to login into the application.

    This seems to happen, because the default Microsoft Graph API call only retrieves the first 100 groups, and the plugin seems to be ignoring the ‘@odata.nextLink’ attribute:
    [miniorange.oauth.utils.OAuthUtils] findKey array length : 100

    See https://learn.microsoft.com/en-us/graph/paging?tabs=http.

    As the user is a member of 121 entra groups, the plugin does not recognize the groups relevant to the group mapping:
    [oauth.confluence.handler.OAuthConfluenceUserGroupHandler] addUsersToGroups Adding groups to user : <REDACTED> and groups are : []

    Could someone from the mini orange team please confirm this issue?
    If you need any additional logs/configuration, please provide me with an email address where i can send them to.

    Felix

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.