Lehel44 commented on code in PR #6802:
URL: https://github.com/apache/nifi/pull/6802#discussion_r1056363577


##########
nifi-docs/src/main/asciidoc/administration-guide.adoc:
##########
@@ -503,6 +503,9 @@ JSON Web Key (JWK) provided through the jwks_uri in the 
metadata found at the di
 |`nifi.security.user.oidc.additional.scopes` | Comma separated scopes that are 
sent to OpenId Connect Provider in addition to `openid` and `email`.
 |`nifi.security.user.oidc.claim.identifying.user` | Claim that identifies the 
user to be logged in; default is `email`. May need to be requested via the 
`nifi.security.user.oidc.additional.scopes` before usage.
 |`nifi.security.user.oidc.fallback.claims.identifying.user` | Comma separated 
possible fallback claims used to identify the user in case 
`nifi.security.user.oidc.claim.identifying.user` claim is not present for the 
login user.
+|`nifi.security.user.oidc.claim.groups` | Name of the ID token claim that 
contains an array of group names of which the
+user is a member. Application groups must be supplied from a User Group 
Provider with matching names in order for the
+authorization process to use ID token claim groups. The default value is 
`groups`.

Review Comment:
   ```suggestion
   user is a member. Application groups must be supplied by a User Group 
Provider with matching names for the
   authorization process to use ID token claim groups. The default value is 
`groups`.
   ```



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@nifi.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Reply via email to