Using Azure AD OpenID Connect (OIDC) for Authentication

Hey

So I removed the groups_prefix and ran it, and I see the below as the JWT:

{
  "exp": 1592295583,
  "jti": "e1425f1bdc04fcbf44623sce4ffa4d95",
  "sub": "oidc:username@domain.com",
  "groups": [
    "[\"70aed41c-93ef-4088-9fab-196d5d978c9e\",\"8a5d117e-bbbf-4706-ac17-81136e33d7bf\",\"608d8baf-b7d4-4fe1-a5d7-aac3b133d322\"]"
  ],
  "provider": {
    "provider_id": "AzureAD",
    "provider_type": "oidc",
    "user_id": "6JNSeREDSv1fJODWTf0L4uMrR4s3liNuyC4lP8WW_kY"
  },
  "api_key": false
}

That then showed the following in Sensu, with no permissions being granted.

It definitely seems to be passing it incorrectly. I can’t see any tunables to change that. What I thought about doing was just passing a separate attribute and using that as the group_claim, but I couldn’t get it in the right format.

All I can see in the application manifest is to set "groupMembershipClaims": "SecurityGroup", unfortunately, but I may be missing something (it’s late in AU at the moment).
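
Added example, not part of the original post and not Sensu or Azure AD code: a diagnostic that decodes a token's payload and reports whether the groups claim arrived as a real array or, as in the payload above, as a single string holding a JSON array. The function names and the constructed sample token are assumptions; the signature is not verified, so this is for inspection only.

```python
import base64
import json

def b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def jwt_payload(token: str) -> dict:
    # Diagnosis only: the signature is NOT verified, never authorize on this.
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected 3 dot-separated segments")
    return json.loads(b64url_decode(parts[1]))

def inspect_groups(payload: dict, claim: str = "groups"):
    """Return (status, flat_groups) describing the shape of the groups claim."""
    value = payload.get(claim)
    if value is None:
        return "missing", []
    if isinstance(value, str):
        value = [value]                      # a lone string is treated as one entry
    if not isinstance(value, list):
        return "unexpected-type", []
    groups, status = [], "ok"
    for item in value:
        if not isinstance(item, str):
            return "unexpected-type", []
        inner = None
        if item.lstrip().startswith("["):    # looks like an array serialized to text
            try:
                inner = json.loads(item)
            except json.JSONDecodeError:
                inner = None                 # just a group name that starts with "["
        if isinstance(inner, list) and all(isinstance(g, str) for g in inner):
            groups.extend(inner)
            status = "stringified-array"     # the shape shown in the post
        else:
            groups.append(item)
    return status, groups

# Constructed sample token reusing the claim shape from the post (placeholder signature).
IDS = ["70aed41c-93ef-4088-9fab-196d5d978c9e", "8a5d117e-bbbf-4706-ac17-81136e33d7bf",
       "608d8baf-b7d4-4fe1-a5d7-aac3b133d322"]
def _seg(obj) -> str:
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
SAMPLE_TOKEN = ".".join([_seg({"alg": "HS256", "typ": "JWT"}),
                         _seg({"sub": "oidc:username@domain.com",
                               "groups": [json.dumps(IDS)]}),
                         "constructed-signature"])
```

A status of `stringified-array` means an RBAC binding that names an individual group ID will not match the single string the token carries.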