原文地址: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/oidc-user-metadata.html, 原文档版权归 www.elastic.co 所有
IMPORTANT: No additional bug fixes or documentation updates
will be released for this version. For the latest information, see the
current release documentation.
User metadataedit
By default users who authenticate via OpenID Connect will have some additional metadata
fields. These fields will include every OpenID Claim that is provided in the authentication response
(regardless of whether it is mapped to an Elasticsearch user property). For example,
in the metadata field oidc(claim_name)
, "claim_name" is the name of the
claim as it was contained in the ID Token or in the User Info response. Note that these will
include all the ID Token claims
that pertain to the authentication event, rather than the user themselves.
This behaviour can be disabled by adding populate_user_metadata: false
as
a setting in the oidc realm.