Oauth2 Microsoft additional fields

Oauth2 Microsoft additional fields

by dan attwood -
Number of replies: 1

Hello

I've followed the instructions at 

OAuth 2 Microsoft service - MoodleDocs

to connect to an Oauth 2 MS service. In terms of the user logging in everything is fine.

But how do I access the additional user information fields in order to map them?

 When I test the login service via 'test settings' on the auth plugins page I can see the following user data being returned

sub
name
family_name
given_name
picture
email

We want to also map jobtitle and department but I can't see these being returned? If I add them the field mapping they aren't updated in the user table.

I'm assuming that that is an additional permission or setting needed as the MS app setup side but I'm unable to find it.

Average of ratings: -
In reply to dan attwood

Re: Oauth2 Microsoft additional fields

by dan attwood -
I have now found a working solution to this issue:

By default the User.read scope will return a limited set of fields from the user profile. In order to pull in other fields you will need to alter the userinfo_endpoint.

Click to configure the user endpoints.

Either edit or create a endpoint called 'userinfo_endpoint'.

Enter the following url: https://graph.microsoft.com/v1.0/me/?$select=department,displayName,givenName,jobTitle,userPrincipalName,surname,mail

The comma separated list after the $select parameter will need to include each of the fields that you wish to return - using this method will override the existing fields. Make sure to include userPrincipalName and mail as a minimum.

You will now be able to map these fields as required.


I have added this information to the Moodle wiki
Average of ratings: -