Skip to content

Document ClaimActions configuration for dashboard OpenID Connect authentication #5192

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Oct 13, 2025
Merged

Document ClaimActions configuration for dashboard OpenID Connect authentication #5192

merged 6 commits into from
Oct 13, 2025

Conversation

Copy link
Contributor

Copilot AI commented Oct 10, 2025
edited by github-actions bot
Loading

Description

This PR documents the new ClaimActions configuration feature for the Aspire dashboard's OpenID Connect authentication, introduced in dotnet/aspire#8396.

The ClaimActions configuration allows users to map custom claims from their OpenID Connect identity provider's user info endpoint to the dashboard user's claims identity. This is particularly useful for scenarios requiring role-based authentication or mapping custom claims that aren't included by default.

Changes

  • Added Dashboard:Frontend:OpenIdConnect:ClaimActions configuration option to the Frontend authentication table
  • Created a new "Claim actions" subsection with detailed documentation including:
    • Property reference table for all ClaimAction properties (ClaimType, JsonKey, SubKey, IsUnique, ValueType)
    • Complete JSON configuration example demonstrating role-based authentication
    • Environment variable configuration example
    • Advanced example showing nested JSON property mapping using SubKey
  • Updated ms.date to reflect the documentation update

Example Usage

JSON Configuration

{
  "Dashboard": {
    "Frontend": {
      "OpenIdConnect": {
        "ClaimActions": [
          {
            "ClaimType": "role",
            "JsonKey": "role"
          }
        ]
      }
    }
  }
}

Environment Variables

export Dashboard__Frontend__OpenIdConnect__ClaimActions__0__ClaimType="role"
export Dashboard__Frontend__OpenIdConnect__ClaimActions__0__JsonKey="role"

Fixes the documentation request from dotnet/aspire#8396.

Original prompt

Document configuring claims actions on the dashboard configuration page. See @dotnet/aspire/pull/8396 for details

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

Internal previews

📄 File 🔗 Preview link
docs/fundamentals/dashboard/configuration.md docs/fundamentals/dashboard/configuration

Copilot AI changed the title [WIP] Document configuring claims actions on dashboard Document ClaimActions configuration for dashboard OpenID Connect authentication Oct 10, 2025
Copilot AI requested a review from JamesNK October 10, 2025 07:54
Copilot finished work on behalf of JamesNK October 10, 2025 07:54
JamesNK
JamesNK reviewed Oct 10, 2025
View reviewed changes
JamesNK
JamesNK reviewed Oct 10, 2025
View reviewed changes
JamesNK
JamesNK reviewed Oct 10, 2025
View reviewed changes
@JamesNK JamesNK marked this pull request as ready for review October 10, 2025 08:01
@JamesNK JamesNK requested a review from IEvangelist as a code owner October 10, 2025 08:01
Copilot AI review requested due to automatic review settings October 10, 2025 08:01
Copilot AI reviewed Oct 10, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR documents the new ClaimActions configuration feature for the Aspire dashboard's OpenID Connect authentication. The documentation explains how users can map custom claims from their OpenID Connect identity provider's user info endpoint to the dashboard user's claims identity, which is particularly useful for role-based authentication scenarios.

Key changes include:

  • Added comprehensive documentation for the ClaimActions configuration option
  • Created a detailed "Claim actions" subsection with property reference and examples
  • Updated the documentation date to reflect the current changes

@JamesNK
Copy link
Member

JamesNK commented Oct 10, 2025

@IEvangelist Documentation for a vNext feature. Can you review and merge into the next major release branch.

@IEvangelist IEvangelist changed the base branch from main to release-13 October 10, 2025 13:04
@IEvangelist IEvangelist merged commit 5f42178 into release-13 Oct 13, 2025
10 checks passed
@IEvangelist IEvangelist deleted the copilot/document-claims-actions-configuration branch October 13, 2025 13:01
@IEvangelist IEvangelist added 🗺️ reQUEST Triggers an issue to be imported into Quest. area-docs labels Oct 13, 2025
@dotnetrepoman dotnetrepoman bot added the 🗺️ mapQUEST Only used as a way to mark an issue as updated. RepoMan should instantly remove it. label Oct 13, 2025
@dotnet-policy-service dotnet-policy-service bot removed the 🗺️ mapQUEST Only used as a way to mark an issue as updated. RepoMan should instantly remove it. label Oct 13, 2025
@IEvangelist IEvangelist added this to the 13.0 milestone Oct 13, 2025
@IEvangelist IEvangelist mentioned this pull request Oct 13, 2025
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@JamesNK JamesNK JamesNK left review comments

Copilot code review Copilot Copilot left review comments

@IEvangelist IEvangelist IEvangelist approved these changes

Assignees

@JamesNK JamesNK

Copilot code review Copilot

Labels

area-docs 🗺️ reQUEST Triggers an issue to be imported into Quest.

Projects

dotnet/docs October 2025 sprint
Status: 🔖 Ready

Milestone

13.0

Development

Successfully merging this pull request may close these issues.

3 participants

@JamesNK @IEvangelist