Roles with ShinyProxy 2.6.1 access with Identity Server

I try to add the authentication with Identity Server. The configuration is quite simple

  title: Open Analytics Shiny Proxy
  port: 8080
  authentication: openid
    auth-url: https://identityserverurl/connect/authorize
    token-url: https://identityserverurl/connect/token
    jwks-url: https://identityserverurl/.well-known/openid-configuration/jwks
    logout-url: https://identityserverurl/Account/Logout?return=http://yourshinyproxy:8080/
    client-id: ShinyProxy
    client-secret: secret
    scopes: [ "openid", "profile", "roles" ]
    username-attribute: aud
    roles-claim: role

And the authentication seems working. When I add the access-groups to display only the app for a particular role, it doesn’t work

  - id: 01_hello
    display-name: Hello Application
    description: Application which demonstrates the basics of a Shiny app
    container-cmd: ["R", "-e", "shinyproxy::run_01_hello()"]
    container-image: openanalytics/shinyproxy-demo
    container-network: sp-example-net
    access-groups: 200122-user

The same code is working with the version 2.4.3 of ShinyProxy.

Is there anything I missed for this configuration in the ShinyProxy 2.6.1?


In attachment you have the log for my ShinyProxy. Although I authenticate myself as admin or with my other accounts on the Identity Server, in the log I can only find

User logged in [user: [ShinyProxy]]

and then I read

No roles claim with name role found

Also, in the website the username is [ShinyProxy] and not the username.

I tried to change the line

username-attribute: aud


username-attribute: name

but in this case I get an error from the proxy.