Hi all, I want to allow only registered users to log-in.

- name: AUTH_OIDC_USER_NAME_CLAIM
      value: "email"
    - name: AUTH_OIDC_USER_NAME_CLAIM_REGEX
      value: "([^@]+)"
    - name: AUTH_OIDC_JIT_PROVISIONING_ENABLED
      value: "false"
    - name: AUTH_OIDC_PRE_PROVISIONING_REQUIRED
      value: "true"

But failed to restrict non-existing users to login. 1. Removed urn rows from RDB (

DELETE FROM metadata_aspect_v2 WHERE urn = 'urn:li:corpuser:test-user'

) 2. Deployed datahub with those env variables 3. Tried to login with

<mailto:test-use@my.company.com|test-use@my.company.com>

Still possible to login, but extraction of group and other information didn't work. (included screenshot too) Am I missing something? I want to disable login for non-registered users.

test-user

in this case. (I am using google oauth. FYI)

Heyhey

Hi, Thanks for the answer. Will send debug logs soon according to the document you provided.

Hi @big-carpet-38439, I'm facing the same issue. Could you help me? Here are the logs and I confirmed that the env var is there

@crooked-arm-29627 You have this set to true, but people who have not yet been ingested are able to log in?

yep, I deleted my own record calling the API

/entities?action=delete

and directly on the DB, going to a new incognito browser tab, and I'm able to login and my db record is created again (using oauth with google). Ok let me try with that var