Bug 58255 - add basic scope to oidc clients in univention-keycloak
Summary: add basic scope to oidc clients in univention-keycloak
Status: CLOSED FIXED
Alias: None
Product: UCS
Classification: Unclassified
Component: Keycloak
Version: UCS 5.0
Hardware: Other Linux
: P5 normal
Target Milestone: UCS 5.0-10-errata
Assignee: Felix Botner
QA Contact: Florian Best
URL:
Keywords:
: 57758 (view as bug list)
Depends on: 58254
Blocks:
  Show dependency treegraph
 
Reported: 2025-05-09 15:49 CEST by Felix Botner
Modified: 2025-11-10 09:25 CET (History)
2 users (show)

See Also:
What kind of report is it?: Development Internal
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Customer ID:
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Felix Botner univentionstaff 2025-05-09 15:49:16 CEST 
+++ This bug was initially created as a clone of Bug #58254 +++

To interact with the guardian, we need to authenticate via OIDC. Guardian needs the sub claim, which is by default not added to tokens for clients created with univention-keycloak.

-> add basic scope as default scope when creating oidc clients with univention-keycloak
Comment 1 Felix Botner univentionstaff 2025-05-09 16:38:22 CEST 
591234a84609c3bcddbe1e184ab46be6718cf66a - add basic scope
dcc2d9b63295417a4a5c3b67b1337e6a9570b20e - advisory

Successful build
Package: univention-keycloak
Version: 1.0.14-6
Branch: 5.0-0
Scope: errata5.0-10
Comment 2 Florian Best univentionstaff 2025-05-12 12:37:11 CEST 
OK: basic scope gets added for oidc/rp clients
OK~: advisory (wording adjusted in git:fd54c06306c)
Comment 3 Christian Castens univentionstaff 2025-05-15 12:29:21 CEST 
<https://errata.software-univention.de/#/?erratum=5.0x1271>
Comment 4 Johannes Königer univentionstaff 2025-11-10 09:25:04 CET 
*** Bug 57758 has been marked as a duplicate of this bug. ***