Hello!
From this link: Real-time collaboration without impersonation — JupyterHub documentation , it says it is possible to base members of a collaboration server on the identity provider:
I would like to base access to the collaboration server on my identity provider keycloak’s groups and its members.
Do you have an example of how to implement this? Specifically I am thinking how to edit the config file. Thank you in advance.
Hey there! Gladly, just a few hours ago, the following solution to a pretty similar question got posted. Maybe you can adapt the posted configuration snippet?
Hi,
To answer my own post if anyone is interested in the solution we finally use (soon at least ) it is available here: jupyterhub/jupyterhub_config.py · 117-next-version-rtc · csma / jupyterhub · GitLab
There is however many site specific bits in the code above, below is a simplified stub .
In overview we do :
Enable save authstate and “manage_roles”
create “post_auth_hook” to create “collab_users” and assign roles dynamically based on (in our case) ldap group membership and save informati…
2 Likes
