Authorization error with jhipster+okta : ROLE_ADMIN not added

Question

I am trying to setup a test jhipster web app with okta as per this guide.

I am able to login with my jhipster web app with okta and I should be ROLE_ADMIN, but after getting redirected back to the webapp menu any attempt to navigate to an entity results in a not authorized/access denied page.

The IDE is Intellij and the build tool is gradle. I am using Java SDK 11.

The okta has ROLE_ADMIN and ROLE_USER groups:

I have added the claim:

The console logs:

Enter: add() with argument[s] = [AuditEvent [timestamp=2020-04-25T19:50:39.747921400Z, principal=anonymousUser, type=AUTHORIZATION_FAILURE, data={details=org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null, type=org.springframework.security.access.AccessDeniedException, message=Access is denied}]]
Exit: add() with result = null
WARN 16660 --- [ XNIO-1 task-52] o.z.problem.spring.common.AdviceTraits   : Unauthorized: Full authentication is required to access this resource
WARN 16660 --- [ XNIO-1 task-52] .m.m.a.ExceptionHandlerExceptionResolver : Resolved [org.springframework.security.authentication.InsufficientAuthenticationException: Full authentication is required to access this resource]

In trying to fix the error I have added both users and groups to the assignments under the application:

But the problem persists.

What is the fix to be authorized as ADMIN?

Answer 1

Change your groups claim to use a filter of "Matches regex" and it should fix your problem.