Lowdefy

Roles

Roles can be used to limit user access to certain pages. Only users with the role will be able to see the page, and the page will be filtered from menus if the user does not have the role.

Roles can be read from a custom claim on the OpenID Connect idToken. The claim should be an array of strings, each of which is a role name, and it needs to be configured at the OpenID Connect provider. The field that contains the roles array is configured in the config.auth.openId field in the Lowdefy configuration.

lowdefy: 3.23.3
config:
  auth:
    openId:
      # Field in the user idToken that contains the roles array.
      rolesField: [string]

The pages that are protected by roles are configured in the config.auth.roles field in the Lowdefy configuration. This should be an object in which each key is a role name and each value is an array of the pageIds that are protected by that role.

Examples

Protect pages using roles:
lowdefy: 3.23.3
config:
  auth:
    openId:
      rolesField: custom_roles
    roles:
      user-admin:
        - users
        - new-user
        - edit-user
      sales:
        - customers
        - new-customer
        - edit-customer
      reports:
        - sales-report
        - operations-report
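
The following sketch models how the configuration above maps an idToken roles claim to page visibility. It is an added example, not Lowdefy's own code: the function names are hypothetical, the claims are assumed to come from an idToken that has already been verified, a page listed under several roles is assumed to need only one of them, and pages listed under no role are reported as out of scope.

```javascript
// Added illustration, not Lowdefy source code; all function names are hypothetical.
// Constructed object mirroring config.auth from the example configuration above.
const authConfig = {
  openId: { rolesField: 'custom_roles' },
  roles: {
    'user-admin': ['users', 'new-user', 'edit-user'],
    sales: ['customers', 'new-customer', 'edit-customer'],
    reports: ['sales-report', 'operations-report'],
  },
};

// Read the roles claim. Anything other than an array of strings yields no
// roles, so a malformed claim fails closed instead of matching by accident.
function rolesFromClaims(claims, rolesField) {
  const value = claims == null ? undefined : claims[rolesField];
  if (!Array.isArray(value)) return [];
  return value.filter((role) => typeof role === 'string');
}

// Invert { role: [pageId, ...] } into Map(pageId -> Set of roles granting it).
function pageRoleIndex(roles) {
  const index = new Map();
  for (const [role, pageIds] of Object.entries(roles)) {
    for (const pageId of pageIds) {
      if (!index.has(pageId)) index.set(pageId, new Set());
      index.get(pageId).add(role);
    }
  }
  return index;
}

// true/false for a role-protected page; null when no role lists the page.
function canSeePage(pageId, claims, config) {
  const granting = pageRoleIndex(config.roles).get(pageId);
  if (!granting) return null;
  const userRoles = rolesFromClaims(claims, config.openId.rolesField);
  // Assumption: holding any one of the listed roles is sufficient.
  return userRoles.some((role) => granting.has(role));
}

// Role-protected pages this user may see, e.g. for filtering a menu.
function visibleProtectedPages(claims, config) {
  const pages = [...pageRoleIndex(config.roles).keys()];
  return pages.filter((pageId) => canSeePage(pageId, claims, config)).sort();
}

// Constructed, already-decoded idToken payloads.
const salesUser = { sub: 'u1', custom_roles: ['sales', 'reports'] };
const malformed = { sub: 'u2', custom_roles: 'user-admin' }; // string, not array
console.log(visibleProtectedPages(salesUser, authConfig));
console.log(canSeePage('users', malformed, authConfig));
```

The `malformed` payload shows why the claim's type is checked: a provider that emits the roles as a single string instead of an array would pass a naive `includes` test on that string.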