[GitHub] [superset] PatBriPerso commented on issue #19643: Use keycloak as OIDC/IdP provider but cannot access to users list

[GitBox <gi...@apache.org>]

PatBriPerso commented on issue #19643:
URL: https://github.com/apache/superset/issues/19643#issuecomment-1096217047

   Thanks @fedepad.
    
   In fact, I change the role of my user with the superset UI and give him the Admin role.
   Here is how I do that:
   - I start my stack with `OIDC_ENABLE=False` so I can connect with the default Admin account (stored in the DB) and I change its password
   - I update my stack with `OIDC_ENABLE=True` and connect with a keycloak account. A new user was created in superset DB
   - I change back to `OIDC_ENABLE=False`, connect with the default Admin account and change the role of my keycloak user to Admin
   - Finally, I change again to `OIDC_ENABLE=True`, connect with my keycloak account and have the access issue (to the users list page)
   
   I have no specific roles for my keycloak user. I think he has the default keycloak roles but I do not know if those roles are sent to superset. I think roles on keycloak and roles on superset are not related (but I'm not sure).
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org