Hey DataHub deployed on k8s with helm chart actual version

0.2.161

Recently we updated the application with Azure AD SSO and created a permission model based on groups uuid from Azure which is pulled from Azure AD while logging into DataHub and here problem araised not every group is being synced with DataHub from Azure AD (only groups with the specific prefix are being pulled to DataHub from AD) I’ve tried to search through docs and check If there is any variable to specify regex for groups but there is nothing or I didn’t catch that

<https://github.com/datahub-project/datahub/blob/master/datahub-frontend/conf/application.conf#L156>
<https://datahubproject.io/docs/authentication/guides/sso/configure-oidc-react/#user--group-provisioning-jit-provisioning>
<https://datahubproject.io/docs/authentication/guides/sso/configure-oidc-react-azure/>

Our config

datahub-frontend:
  extraEnvs:
    - name: AUTH_OIDC_JIT_PROVISIONING_ENABLED
      value: "true"
    - name: AUTH_OIDC_EXTRACT_GROUPS_ENABLED
      value: "true"
    - name: AUTH_OIDC_GROUPS_CLAIM
      value: "groups"
    - name: AUTH_JAAS_ENABLED
      value: "true"

  oidcAuthentication:
    enabled: true
    provider: azure
    clientId: change_me
    azureTenantId: change_me
    clientSecretRef:
      secretRef: "change_me"
      secretKey: "change_me"

I know that we can accomplish this somehow using this https://datahubproject.io/docs/generated/ingestion/sources/azure-ad but I wanted to ask if is there any chance to pull all groups to DataHub with Azure Ad provider rather than using an additional recipe for this My idea was to look for regex for groups and permissions in OIDC attributes/applications to access a wider list of groups? Or maybe there is the limitation that only a few groups are being pulled while logging and we cannot overcome this?

Hey there 👋 I'm The DataHub Community Support bot. I'm here to help make sure the community can best support you with your request. Let's double check a few things first: ✅ There's a lot of good information on our docs site: www.datahubproject.io/docs, Have you searched there for a solution? ✅ button ✅ It's not uncommon that someone has run into your exact problem before in the community. Have you searched Slack for similar issues? ✅ button Did you find a solution to your issue? ❌ Sorry you weren't able to find a solution. I'm sending you some tips on info you can provide to help the community troubleshoot. Whenever you feel your issue is solved, please react ✅ to your original message to let us know!

Hi, have you reviewed this doc? It provides some insight on using regex to select things out https://datahubproject.io/docs/authentication/guides/sso/configure-oidc-react/#advanced

Apologies for the delay in response. It was my oversight as I forgot to assign the Azure group to the application within the Azure UI. As a result, these groups were not synced/propagated to DataHub.