Sync Groups via OAuth2 / OpenID Connect


#1

Hello,

I am currently experimenting with Seafile and OpenID Connect Authentication (aka OAuth2) using the popular Keycloak server as my identity provider and Seafile CE as a client.
Setup was relatively straightforward and the login process works flawlessly, but as far as I see there is currently no way to sync groups from Keycloak to Seafile, right?

A possible workaround might be to enable user federation from Keycloak to an LDAP server and then sync the groups from there, but this would be far from elegant (and the feature is only available in the Pro edition).

Do you see any other possible ways to enable group syncing? Is it planned to implement this in a future release of Seafile?

Cheers!