Add paragraph about roles claim

oktadev · Apr 30, 2018 · f9b3a9f · f9b3a9f
1 parent b3c8203
commit f9b3a9f
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -74,6 +74,8 @@ If you don't have one, [create an Okta Developer account](https://developer.okta
 * Base URIs: `http://localhost:8081`
 * Login redirect URIs: `http://localhost:8081/login`
 
+You need to add a `roles` claim to your ID Token, so your groups in Okta are translated to Spring Security authorities. In your Okta developer console, navigate to **API** > **Authorization Servers**, click the **Authorization Servers** tab and edit the default one. Click the **Claims** tab and **Add Claim**. Name it "roles" and include it in the ID Token. Set the value type to "Groups" and set the filter to be a Regex of `.*`.
+
 Change `security.oauth2.*` properties in the following files to enter your client ID and client secret. 
 
 * [edge-service/src/main/resources/application.properties](../../tree/oauth/edge-service/src/main/resources/application.properties)