...
The CDCM application allows for flexible customization of display names based on scoped role claims, enhancing clarity and alignment with organizational naming conventions. It is also possible to specify a prefix that should be ignored when parsing the role claim string coming from the identity provider.
Configuration: Display names are configured using the environment variable OAUTH_CLAIM_CONFIGURATION. This variable should contain a JSON array, where each object defines the claim attribute (roleClaimAttribute) and the corresponding display name format (displayNameFormat), as well as an optional field for the prefix that should be ignored while parsing the role string (prefix).
JSON Format: Each object in the array specifies a roleClaimAttribute, a displayNameFormat and a prefix. The display name format can include placeholders (<<>>) to dynamically insert token attributes into the display name.
Example Configuration:

```json
[
  {
    "roleClaimAttribute": "roles",
    "prefix": "I_will_be_ignored",
    "displayNameFormat": "System user <<applicationId>>"
  },
  {
    "roleClaimAttribute": "cdcm.groups",
    "displayNameFormat": "<<given_name>> <<family_name>> | <<department>>"
  }
]
```

Usage: This configuration allows display names to be dynamically generated based on user attributes, providing personalized and informative identifiers. For example, a display name might appear as "System user 12345" or "John Doe | Sales" based on the claims found in the user token.
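The sketch below is an added example, not CDCM's own code: it validates an OAUTH_CLAIM_CONFIGURATION value and renders a display name from token claims that are treated as untrusted input. It assumes the first entry whose role claim is present in the token is used, that claims arrive as a flat dictionary, and that a missing placeholder attribute is an error; the function names and the sample token are constructed for illustration.

```python
import json
import re
import unicodedata

# Assumed semantics (not documented CDCM behaviour): first matching entry wins,
# a placeholder with no matching token attribute is rejected, values are cleaned.
PLACEHOLDER = re.compile(r"<<([A-Za-z0-9_.]+)>>")
REQUIRED = {"roleClaimAttribute", "displayNameFormat"}
ALLOWED = REQUIRED | {"prefix"}

def load_claim_config(raw):
    """Parse and validate the JSON array from OAUTH_CLAIM_CONFIGURATION."""
    entries = json.loads(raw)
    if not isinstance(entries, list) or not entries:
        raise ValueError("expected a non-empty JSON array")
    for e in entries:
        if not isinstance(e, dict) or not REQUIRED <= set(e) <= ALLOWED:
            raise ValueError(f"missing or unknown field in entry: {e!r}")
        if not all(isinstance(v, str) for v in e.values()):
            raise ValueError(f"non-string value in entry: {e!r}")
    return entries

def clean(value, limit=64):
    """Drop control/format characters (newlines, bidi overrides) and cap length."""
    text = "".join(c for c in str(value) if unicodedata.category(c)[0] != "C")
    return text.strip()[:limit]

def strip_prefix(role, prefix):
    return role[len(prefix):] if prefix and role.startswith(prefix) else role

def resolve(entries, claims):
    """Return (display_name, roles) for the first entry whose claim is present."""
    for e in entries:
        roles = claims.get(e["roleClaimAttribute"])
        if not roles:
            continue
        roles = [roles] if isinstance(roles, str) else roles
        def fill(m):
            if m.group(1) not in claims:
                raise KeyError(f"token lacks attribute {m.group(1)!r}")
            return clean(claims[m.group(1)])
        name = PLACEHOLDER.sub(fill, e["displayNameFormat"])
        return name, [strip_prefix(r, e.get("prefix", "")) for r in roles]
    raise LookupError("no configured role claim found in token")

# Configuration from the page; the token below is constructed sample data.
SAMPLE_CONFIG = """[{"roleClaimAttribute": "roles", "prefix": "I_will_be_ignored", "displayNameFormat": "System user <<applicationId>>"},
 {"roleClaimAttribute": "cdcm.groups", "displayNameFormat": "<<given_name>> <<family_name>> | <<department>>"}]"""
SAMPLE_TOKEN = {"roles": ["I_will_be_ignoredadmin"], "applicationId": "12345"}
if __name__ == "__main__":
    print(resolve(load_claim_config(SAMPLE_CONFIG), SAMPLE_TOKEN))
```

Cleaning each inserted value matters because attributes such as given_name may be user-editable at the identity provider, and the rendered name typically ends up in UIs and audit logs.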