No need for custom property mapper

Signed-off-by: David Young <davidy@funkypenguin.co.nz>
2025-12-13 01:36:23 +00:00 · 2023-11-09 09:32:58 +13:00
parent 8a01e6bfa2
commit f769cec6f5
5 changed files with 4 additions and 27 deletions
--- a/docs/kubernetes/oidc-authentication/k3s-authentik.md
+++ b/docs/kubernetes/oidc-authentication/k3s-authentik.md
@@ -76,7 +76,7 @@ kubectl oidc-login setup \
 All going well, your browser will open a new window, logging you into authentik, and on the CLI you should get output something like this:

 ```
-~ ❯ kubectl oidc-login setup --oidc-issuer-url=https://authentik.example.com/application/o/kube-apiserver/ --oidc-client-id=kube-apiserver --oidc-client-secret=cVj4YqmB4VPcq6e7 --oidc-extra-scope=groups,email
+~ ❯ kubectl oidc-login setup --oidc-issuer-url=https://authentik.example.com/application/o/kube-apiserver/ --oidc-client-id=kube-apiserver --oidc-client-secret=cVj4YqmB4VPcq6e7 --oidc-extra-scope=profile,email
 authentication in progress...

 ## 2. Verify authentication
@@ -126,7 +126,7 @@ kubectl config set-credentials oidc \
 --exec-arg=--oidc-issuer-url=https://authentik.example.com/application/o/kube-apiserver/ \
 --exec-arg=--oidc-client-id=kube-apiserver \
 --exec-arg=--oidc-client-secret=<your client secret> \
- --exec-arg=--oidc-extra-scope=groups \
+ --exec-arg=--oidc-extra-scope=profile \
 --exec-arg=--oidc-extra-scope=email
 ```