We use the OpenID authenticatior to login from our local providor and now would like to use the groups from the providor to set access controls on XWiki.
For each OID group am I right that we have to map the group to a named XWiki group?
#-# The default is:
# oidc.groups.claim=xwiki_groups
#-# Receiving a groups list is enough to enable group synchronization but you might need to configure XWiki groups names different from the remote groups names.
#-# It's also required to indicate what's the field containing the list of groups (that's not an OpenID Connect standard) using oidc.groups.claim property.
#-#
# oidc.groups.mapping=MyXWikiGroup=my-oidc-group
# oidc.groups.mapping=MyXWikiGroup2=my-oidc-group2
# oidc.groups.mapping=MyXWikiGroup2=my-oidc-group3
Mapping many groups like this would be difficult to maintain especially as groups are being created and deleted all the time. Is it possible to set the access control against the OID group directly?
Does anyone have experience handling 100s of groups within the OpenID authentication
Thanks for any feedback
Pete