I have had LibeNMS up and running for quite some time now and was wanting to get it working with AzureAD using the Socialite plugin. The directions on docs.librenms.org (Oauth/SAML support - LibreNMS Docs) does a great job going step by step for the Microsoft side of things to get it working, and it now works great. However, I have two groups that I was hoping to set up to automatically set roles, and I can’t for the life of me figure out what I am doing wrong. Once you get to the ‘Claims / Access Scopes’ section of the documentation, it goes over setting these with Okta, but nothing for Microsoft/AzureAD. I tried setting group attributes over on the app registration:
I even tried going to the Enterprise Application and setting it under ‘Additional Claims’, with the hopes that it would bring this attribute in (I just took the groups and set a value that matched the value that it is expecting for each role). I ran this:
lnms config:set auth.socialite.scopes.+ groups
and then set the groups in the LibreNMS GUI for the socialite settings to set those values to roles. Still no luck. I feel like I am close and am just missing something super trivial, but can’t seem to figure it out…