JupyterHub + KeyCloak auth and LDAP user groups

Hi, I’ve successfully set up JupyterHub to login via KeyCloak and now it uses internal users and access (ie I create user from admin panel). My KeyCloak uses LDAP (FreeIPA) as user federation, so I want to create LDAP groups for users to access my JupyterHub service. I want users with jupyterhub_user groups to be able to login and have access to their personal instances of jupyter notebooks, users with jupyterhub_admin to have admin access and the rest not being able to login at all. There are plenty of examples online to setup JupyterHub with KeyCloak authentication and authorisation but I could find anything for the case where KeyCloak would use user groups from LDAP. Any help or insight would be much appreciated. Thank you.

You’ll need to extend the GenericAuthenticator to define the JupyterHub groups. See these two topics: