administrator/frigate
1
0
Fork 0
mirror of https://github.com/blakeblackshear/frigate.git synced 2026-04-03 13:54:55 +03:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

remove role mapping config from ui

Browse Source
This commit is contained in:
Josh Hawkins 2026-03-30 09:29:15 -05:00
parent 053aa6fe32
commit 39cacc0be9
1 changed files with 1 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
docs/docs/configuration/authentication.md
View File

@ -232,19 +232,7 @@ proxy:
## Role mapping ## Role mapping
In some environments, upstream identity providers (OIDC, SAML, LDAP, etc.) do not pass a Frigate-compatible role directly, but instead pass one or more group claims. To handle this, Frigate supports a `role_map` that translates upstream group names into Frigate's internal roles (`admin`, `viewer`, or custom). In some environments, upstream identity providers (OIDC, SAML, LDAP, etc.) do not pass a Frigate-compatible role directly, but instead pass one or more group claims. To handle this, Frigate supports a `role_map` that translates upstream group names into Frigate's internal roles (`admin`, `viewer`, or custom). This is configurable via YAML in the configuration file:
<ConfigTabs>
<TabItem value="ui">
Navigate to <NavPath path="Settings > System > Proxy" /> and configure the role mapping under the header mapping settings.
| Field | Description |
| ----------------------------- | ------------------------------------------------------------------------------------------------------------------------------------ |
| **Header mapping > Role map** | Maps upstream group names to Frigate roles. Each Frigate role (`admin`, `viewer`, or custom) maps to a list of upstream group names. |
</TabItem>
<TabItem value="yaml">
```yaml ```yaml
proxy: proxy:
@ -262,9 +250,6 @@ proxy:
- operators - operators
``` ```
</TabItem>
</ConfigTabs>
In this example: In this example:
- If the proxy passes a role header containing `sysadmins` or `access-level-security`, the user is assigned the `admin` role. - If the proxy passes a role header containing `sysadmins` or `access-level-security`, the user is assigned the `admin` role.