
OAuth 2 / OIDC Synchronization configuration

  • This guide covers the user synchronization settings in your {$provider-id}.json file.
  • To turn synchronization on, set the enabled property under userSynchronization to true.

User attributes mapping

  • This is the list of all user attributes that can be mapped from attributes in the token in the OIDC response.
| Property | Default value |
| --- | --- |
| username | email |
| principal | email |
| email | email |
| firstName | given_name |
| lastName | family_name |

Full example with user synchronization with Google as provider

{
  "type": "oidc",
  "authenticationProperties": {
    "clientId": "123456789-xfgh546.apps.googleusercontent.com",
    "clientSecret": "${provider.client_secret}",
    "authorizationUri": "https://accounts.google.com/o/oauth2/v2/auth",
    "tokenUri": "https://www.googleapis.com/oauth2/v4/token",
    "jwkSetUri": "https://www.googleapis.com/oauth2/v3/certs",
    "userInfoUri": "https://www.googleapis.com/oauth2/v3/userinfo",
    "scope": [
      "openid", "profile", "email"
    ],
    "userNameAttribute": "sub"
  },
  "userSynchronization": {
    "enabled": true,
    "userAttributesMapping": {
      "email": "email",
      "username": "email",
      "principal": "email",
      "firstName": "given_name",
      "lastName": "family_name"
    }
  }
}
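
The attribute mapping above, worked through as an added example (not the product's own code): a Python sketch that merges userAttributesMapping over the default values from the table and builds a user record from decoded token claims. The helper names, the merge-over-defaults behaviour, the email_verified requirement and the sample config and claims are assumptions made for illustration.

```python
import json

# Default mapping from the table above: user property -> token claim.
DEFAULT_MAPPING = {
    "username": "email",
    "principal": "email",
    "email": "email",
    "firstName": "given_name",
    "lastName": "family_name",
}

class SyncError(ValueError):
    """Raised when claims cannot be mapped to a safe user record."""

def effective_mapping(provider_config):
    """Merge userAttributesMapping over the defaults; None if sync is disabled."""
    sync = provider_config.get("userSynchronization", {})
    if sync.get("enabled") is not True:
        return None
    return {**DEFAULT_MAPPING, **sync.get("userAttributesMapping", {})}

def map_user(provider_config, claims):
    """Build a user record from token claims (hypothetical helper)."""
    mapping = effective_mapping(provider_config)
    if mapping is None:
        return None
    user = {prop: claims.get(claim) for prop, claim in mapping.items()}
    # The identity keys must be present and non-empty strings.
    for prop in ("username", "principal"):
        if not isinstance(user[prop], str) or not user[prop].strip():
            raise SyncError(f"claim '{mapping[prop]}' for '{prop}' is missing")
    # If an identity key is taken from 'email', require email_verified.
    # Assumption: a hardening choice for this sketch, not documented product behaviour.
    if "email" in (mapping["username"], mapping["principal"]):
        if claims.get("email_verified") is not True:
            raise SyncError("email used as identity key but email_verified is not true")
    return user

# Constructed sample: trimmed provider file and decoded ID token claims.
SAMPLE_CONFIG = json.loads("""{
  "type": "oidc",
  "userSynchronization": {"enabled": true,
    "userAttributesMapping": {"principal": "sub"}}
}""")
SAMPLE_CLAIMS = {"sub": "1098765", "email": "alice@example.com",
                 "email_verified": True, "given_name": "Alice", "family_name": "Doe"}

if __name__ == "__main__":
    print(map_user(SAMPLE_CONFIG, SAMPLE_CLAIMS))
```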