Customizing sso_permission_defaults dynamically


I am wondering, it is possible to customize sso_permission_defaults on the fly?

So for example if [email protected] logs in via OAuth then they have access to everything, while [email protected] logs in via OAuth then they would only have a subset of functionalities to the dashboard.

Or would all users have a single permission since this is not configurable, and the only way to accomplish this is to just create the user in the system via the API post SSO authentication?


I think this functionality (at least in part) is going to be included in the next release. If you take a look at the Github issue here: Provide authentication for registred user with admin API SSO · Issue #1310 · TykTechnologies/tyk · GitHub, and add any comments to it that you think would be useful then we’ll take them into consideration.


Yep, that would solve the issue at hand. I’ve added my +1s in the issue.