The login succeeded but we need to extract the DN from "federated_claim" field "user_id".
{
"type": "server",
"timestamp": "2020-07-20T15:35:38,047Z",
"level": "TRACE",
"component": "o.e.x.s.a.o.OpenIdConnectAuthenticator",
"cluster.name": "test",
"node.name": "test-es-default-0",
"message": "Successfully retrieved user information: [{\"at_hash\":\"removed\",\"federated_claims\":{\"user_id\":\"cn=achim.admin,ou=People,dc=removed,dc=de\",\"connector_id\":\"dwp_ldap_openldap\"},\"sub\":\"removed\",\"aud\":\"kibana\",\"email_verified\":true,\"iss\":\"https:\\/\\/dex.test.fi-ts.io\\/dex\",\"name\":\"test000\",\"groups\":[\"testsecu\",\"dwpstwpdir\",\"k8s_kaas-admin\",\"test_kaas-all-all-admin\",\"test_prmt-all-all-admin\",\"test_k8s-test-all-clusteradmin\",\"test_k8s-qa$poc-all-clusteradmin\",\"test_k8s-dwp$poc-all-clusteradmin\",\"test_k8s-prod$poc-all-clusteradmin\"],\"exp\":1595302537,\"iat\":1595259337,\"nonce\":\"removed\",\"email\":\"achim.admin@removed\"}]",
}
What would be the correct syntax to read input federated_claims->user_id into claims.dn?
claims:
principal: name
groups: groups
mail: email
dn: federated_claims.user_id # What is the syntax required here?
P.S. The encoded JWT token structure:
# {
# "iss": "https://dex.test",
# "sub": "test",
# "aud": "auth-go-cli",
# "exp": 1594428593,
# "iat": 1594385393,
# "at_hash": "test",
# "email": "achim.admin@test.de",
# "email_verified": true,
# "groups": [
# "k8s_kaas-admin",
# ],
# "name": "test000",
# "federated_claims": {
# "connector_id": "test_ldap_openldap",
# "user_id": "cn=achim.admin,ou=People,dc=test,dc=de"
# }
# }