group filter in Microsoft connector

[jagadeesh-kancherla-tfs]

Preflight Checklist

• I agree to follow the Code of Conduct that this project adheres to.
• I have searched the issue tracker for an issue that matches the one I want to file, without success.

Problem Description

We are using dex with ldap connector now switching to Microsoft connector, dex is getting all the groups from AD which causing issue for authentication

Proposed Solution

Previously we are using ldap which have filter for groups
groupSearch:
baseDN: dc=test,dc=com
filter: "(&(objectCategory=Group)(name=K8S----))"

expecting similar group filter in Microsoft

connectors:

type: microsoft
id: microsoft
name: Microsoft
config:
clientID:
clientSecret:
redirectURI:
tenant:

Is there any similar approach we have available in Microsoft connector?

Alternatives Considered

No response

Additional Information

No response

[nabokihms]

@jagadeesh-kancherla-tfs Hello! I think you need to use groups: ["a", "b", "c"] along with useGroupsAsWhitelist: true.

dex/connector/microsoft/microsoft.go

Lines 52 to 54 in f611470

	Groups []string `json:"groups"`
	GroupNameFormat GroupNameFormat `json:"groupNameFormat"`
	UseGroupsAsWhitelist bool `json:"useGroupsAsWhitelist"`