GitHub user johannes-ws deleted a comment on the discussion: How to update user
datas every they login SSO in Superset 5.0.0?
> Yes, with AUTH_USER_REGISTRATION = False in Superset 5.0.0, users must be
> pre-registered before their first SSO login. However, you can still update
> user attributes (like email, first_name, last_name, etc.) on every SSO login
> by customizing the SecurityManager.
>
> To do this, subclass SupersetSecurityManager and override the oauth_user_info
> method. This method is called on each SSO login and can fetch fresh user info
> from your SSO/OAuth provider. Superset will update the user record with the
> returned attributes each time the user logs in, as long as the user already
> exists in the database.
>
> Here’s a minimal example:
>
> ```python
> # custom_sso_security_manager.py
> import logging
> from superset.security import SupersetSecurityManager
>
> class CustomSsoSecurityManager(SupersetSecurityManager):
> def oauth_user_info(self, provider, response=None):
> if provider == 'your_provider':
> # Replace with your logic to fetch user info from the SSO provider
> user_info =
> self.appbuilder.sm.oauth_remotes[provider].get('userDetails').json()
> logging.debug(f"user_data: {user_info}")
> return {
> 'username': user_info['user_name'],
> 'email': user_info['email'],
> 'first_name': user_info.get('first_name', ''),
> 'last_name': user_info.get('last_name', ''),
> }
> return super().oauth_user_info(provider, response)
> ```
>
> Then in your `superset_config.py`:
>
> ```python
> from custom_sso_security_manager import CustomSsoSecurityManager
> CUSTOM_SECURITY_MANAGER = CustomSsoSecurityManager
> AUTH_USER_REGISTRATION = False # Users must be pre-created
> ```
>
> If you want roles to sync with SSO groups on every login, set
> `AUTH_ROLES_SYNC_AT_LOGIN = True` in your config. If you want to keep manual
> role assignments, set it to False. See more in the [official docs and
> examples](https://github.com/apache/superset/blob/829e4d92d91ceae4b43b1ed3b063ffe45377799c/docs/docs/configuration/configuring-superset.mdx)
> and [community
> discussions](https://github.com/apache/superset/discussions/32424).
>
> This pattern works for any SSO/OAuth provider supported by Superset. Just
> ensure your oauth_user_info method returns the correct user attributes, and
> Superset will update them on every login.
>
> _To reply, just mention [@dosu](https://go.dosu.dev/dosubot)._
>
> How did I do?
> [Good](https://app.dosu.dev/response-feedback/c406d3ec-3b10-49cf-bbe2-efc0d27de78a?feedback_type=great_response)
> |
> [Irrelevant](https://app.dosu.dev/response-feedback/c406d3ec-3b10-49cf-bbe2-efc0d27de78a?feedback_type=irrelevant_answer)
> |
> [Incorrect](https://app.dosu.dev/response-feedback/c406d3ec-3b10-49cf-bbe2-efc0d27de78a?feedback_type=incorrect_sources)
> |
> [Verbose](https://app.dosu.dev/response-feedback/c406d3ec-3b10-49cf-bbe2-efc0d27de78a?feedback_type=too_verbose)
> |
> [Hallucination](https://app.dosu.dev/response-feedback/c406d3ec-3b10-49cf-bbe2-efc0d27de78a?feedback_type=hallucination)
> | [Report
> 🐛](https://app.dosu.dev/response-feedback/c406d3ec-3b10-49cf-bbe2-efc0d27de78a?feedback_type=bug_report)
> |
> [Other](https://app.dosu.dev/response-feedback/c406d3ec-3b10-49cf-bbe2-efc0d27de78a?feedback_type=other)
> [](https://app.dosu.dev/a28d3c7e-a9d3-459e-9fb6-3a6f9ff4f357/ask?utm_source=github)
[](https://go.dosu.dev/discord-bot)
[](https://twitter.com/intent/tweet?text=%40dosu_ai%20helped%20me%20solve%20this%20issue!&url=https%3A//github.com/apache/superset/discussions/34608)
i already used this code, but my user data doesn't update every login sso.
@dosu
GitHub link:
https://github.com/apache/superset/discussions/34608#discussioncomment-14099047
----
This is an automatically sent email for [email protected].
To unsubscribe, please send an email to:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
