Netbird + Zitadel: All roles in scopes for Device Authorization
Hi all !
I'm currently using Netbird 3.9.1 and an external Zitadel.
I'm having a real security issue with Netbird.
When a user logs in with Netbird, all roles in the Netbird project are displayed in the device authorization request.
The user should only be able to see the roles assigned to them.
I should point out that I followed this tutorial (https://github.com/netbirdio/netbird/issues/1713) to enable JWT group synchronization.
Thank you for your help !
I'm currently using Netbird 3.9.1 and an external Zitadel.
I'm having a real security issue with Netbird.
When a user logs in with Netbird, all roles in the Netbird project are displayed in the device authorization request.
The user should only be able to see the roles assigned to them.
I should point out that I followed this tutorial (https://github.com/netbirdio/netbird/issues/1713) to enable JWT group synchronization.
Thank you for your help !
GitHub
Describe the problem I've been trying to configure self-hosted Netbird with Zitadel as IDP to use user roles which I've created under the Netbird project in Zitadel, but without any success...
