Limit OIDC log in to allowed domains

[iainsproat]

The Grafana configuration for oauth has an allowed_domains parameter, requiring at least one of the domains to which a user belongs to match a specified domain.
https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/generic-oauth/

Does seq have any similar parameter?

[nblumhardt]

Hi Ian,

No, not currently; we'd rather leave access control in the hands of the identity provider as much as possible, so it's uncertain we'd consider adding this, given the other options to automate user provisioning with the "automatic" setting switched off (such as seqcli user create).