Restricting Access and Resolving Data Population Issues with OIDC SSO in Mendix
0
Hi everyone, I’ve integrated the OIDC SSO module into my Mendix app and configured it using Microsoft Azure. Signing in with a Microsoft account works as expected, but I’ve encountered a few challenges that I need help with:

Restricting Access: Currently, anyone with a Microsoft account can sign in. I want to limit access to only specific users or groups. How can I configure the module to ensure that only authorized users are allowed to access my app?

Data Population Issue: When I view account details, I notice that only the email address is populated, and it appears to be encrypted. I would like to retrieve and map additional user data from Azure, such as name and roles, to populate the account entity in Mendix. How can I configure this?

Account Matching: In an ideal setup, I want to pre-create all user accounts in my app. When a user logs in with their Microsoft account, the system should match their email address with the pre-created account (assuming the Microsoft account email matches the one in my app) and link them to it. Currently, signing in with SSO results in the creation of a new account, even when the email address matches an existing one. How can I prevent this and ensure the system uses the pre-created account instead?

Here’s an example of the issue: I pre-create an account with the necessary details, but when the same user logs in via SSO with their Microsoft account, a new account is created rather than mapping to the existing one. I want to avoid this behavior.

Here's an example of how the SSO via Azure account has some kind of encryption on the email address.

I’d appreciate any guidance or examples on how to address these issues. Thanks in advance for your help!
asked
Matthew Mooney
1 answer
0
Hi Matthew,
Restricting access to your app can be done in 2 ways:
- In your Entra ID (aka Azure AD) you can associate your app with only certain groups of users (coarse grained)
- In your app you can also restrict access by assigning the right user roles during SSO, based on attributes received from the IdP. Please check https://docs.mendix.com/appstore/modules/oidc/#access-token-parsing. If a user doesn't get the right user role, he would not get access or restricted access; so this is more fine-grained access control
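The second option in the answer above, mapping attributes received from the IdP to app user roles and denying access when no role results, as an added illustration that is not part of the answer or of the Mendix OIDC module's code. It assumes the token has already been signature-checked and decoded into a claims dictionary; the issuer and audience placeholders, the group and role identifiers and the mapping tables are constructed for the example and would be replaced by the tenant's own values.

```python
"""Map IdP claims to application user roles and decide whether to grant access.

Added example (assumption-based): the claim payloads, group ids, role names
and mapping tables are constructed for illustration and are not Mendix OIDC
module configuration. Signature validation of the token is assumed to have
happened before these functions run.
"""
import time

# Assumed: the issuer and audience the app is registered for in Entra ID.
EXPECTED_ISSUER = "https://login.microsoftonline.com/<tenant-id-placeholder>/v2.0"
EXPECTED_AUDIENCE = "<app-client-id-placeholder>"

# Assumed allow-list: only these IdP group ids grant an app role.
# Anything not listed here is ignored, so unknown groups never grant access.
GROUP_TO_ROLE = {
    "group-id-finance": "FinanceUser",
    "group-id-admins": "Administrator",
}

# Assumed allow-list for app roles that Entra ID can put in the "roles" claim.
ROLE_CLAIM_TO_ROLE = {
    "App.Admin": "Administrator",
    "App.Reader": "Reader",
}


def validate_basic_claims(claims, now=None):
    """Reject tokens that were not issued for this app or have expired.

    Returns (ok, reason). Role mapping must never run on a token that fails here.
    """
    now = time.time() if now is None else now
    if claims.get("iss") != EXPECTED_ISSUER:
        return False, "unexpected issuer"
    aud = claims.get("aud")
    if aud != EXPECTED_AUDIENCE and not (isinstance(aud, list) and EXPECTED_AUDIENCE in aud):
        return False, "unexpected audience"
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        return False, "expired or missing exp"
    return True, ""


def roles_from_claims(claims):
    """Translate the IdP's group ids and app roles into app user roles.

    A missing "groups" claim is treated as "no groups" (Entra ID omits it when
    the user is in too many groups and emits an overage indicator instead), so
    the safe outcome is fewer roles, never more.
    """
    roles = set()
    for group_id in claims.get("groups", []) or []:
        mapped = GROUP_TO_ROLE.get(group_id)
        if mapped:
            roles.add(mapped)
    for app_role in claims.get("roles", []) or []:
        mapped = ROLE_CLAIM_TO_ROLE.get(app_role)
        if mapped:
            roles.add(mapped)
    return roles


def authorize(claims, now=None):
    """Decide access for one login: deny unless at least one app role was mapped."""
    ok, reason = validate_basic_claims(claims, now)
    if not ok:
        return {"allowed": False, "roles": set(), "reason": reason}
    roles = roles_from_claims(claims)
    if not roles:
        # Authenticated at the IdP, but not authorized for this app.
        return {"allowed": False, "roles": set(), "reason": "no mapped user role"}
    return {"allowed": True, "roles": roles, "reason": ""}


if __name__ == "__main__":
    # Constructed sample claims (not a real token).
    sample = {
        "iss": EXPECTED_ISSUER,
        "aud": EXPECTED_AUDIENCE,
        "exp": time.time() + 600,
        "groups": ["group-id-finance", "group-id-not-in-allowlist"],
        "roles": ["App.Reader"],
    }
    print(authorize(sample))
```

The design choice worth noting is that both mapping tables are allow-lists: a user who authenticates successfully at Entra ID but carries no listed group or role ends up with an empty role set and is denied, which is the "restricted access" outcome the answer describes. The coarse-grained option (assigning the enterprise application to specific users or groups in Entra ID) stops the token from being issued at all, so combining both is the usual layered setup.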