Permissions settings when using Twitter OpenID authentification

If I am going to use Twitter OpenID authentication, do I still need to put all users into settings.js to give them their permissions? Is this correct, or do I miss something?

If I would set up my own OpenID Server (e.g. Keycloak), could I set up the permissions in the OpenID server for each user, and then I would not need to manual put users and permissions into settings.js?

My settings.js for Twitter looks like this, with the usernames and permissions included.

adminAuth: {
    strategy: {
        name: "twitter",
        label: 'Sign in with Twitter',
        strategy: require("passport-twitter").Strategy,
        options: {
            consumerKey: TWITTER_APP_CONSUMER_KEY,
            consumerSecret: TWITTER_APP_CONSUMER_SECRET,
            callbackURL: "http://[my host name here]/auth/strategy/callback",
            verify: function(token, tokenSecret, profile, done) {
                done(null, profile);
    users: [
       { username: "Admin", permissions: ["*"]},
       { username: "UserA", permissions; ['Read']}

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.