From 11082f25d75034838aa79a06f9d1db39b2fc7d84 Mon Sep 17 00:00:00 2001
From: Mauricio Siu <siumauricio@icloud.com>
Date: Sun, 1 Feb 2026 00:35:42 -0600
Subject: [PATCH] feat(sso): enhance OIDC registration mapping for Azure and
 other providers

- Updated the mapping logic in `register-oidc-dialog` to differentiate between Azure and other identity providers.
- Simplified the mapping structure for user attributes based on the issuer, improving flexibility in handling various OIDC providers.
---
 .../proprietary/sso/register-oidc-dialog.tsx  | 25 +++++++++++++------
 .../proprietary/sso/sso-settings.tsx          |  8 +++---
 2 files changed, 21 insertions(+), 12 deletions(-)

diff --git a/apps/dokploy/components/proprietary/sso/register-oidc-dialog.tsx b/apps/dokploy/components/proprietary/sso/register-oidc-dialog.tsx
index 2b7400e61..77a68a55a 100644
--- a/apps/dokploy/components/proprietary/sso/register-oidc-dialog.tsx
+++ b/apps/dokploy/components/proprietary/sso/register-oidc-dialog.tsx
@@ -101,6 +101,22 @@ export function RegisterOidcDialog({ children }: RegisterOidcDialogProps) {
 			const scopes = data.scopes.filter(Boolean).length
 				? data.scopes.filter(Boolean)
 				: DEFAULT_SCOPES;
+
+			const isAzure = data.issuer.includes("login.microsoftonline.com");
+			const mapping = isAzure
+				? {
+						id: "sub",
+						email: "preferred_username",
+						emailVerified: "email_verified",
+						name: "name",
+					}
+				: {
+						id: "sub",
+						email: "email",
+						emailVerified: "email_verified",
+						name: "preferred_username",
+						image: "picture",
+					};
 			await mutateAsync({
 				providerId: data.providerId,
 				issuer: data.issuer,
@@ -110,14 +126,7 @@ export function RegisterOidcDialog({ children }: RegisterOidcDialogProps) {
 					clientSecret: data.clientSecret,
 					scopes,
 					pkce: true,
-					// Keycloak (and many IdPs) send preferred_username; better-auth expects name
-					mapping: {
-						id: "sub",
-						email: "email",
-						emailVerified: "email_verified",
-						name: "preferred_username",
-						image: "picture",
-					},
+					mapping,
 				},
 			});
 
diff --git a/apps/dokploy/components/proprietary/sso/sso-settings.tsx b/apps/dokploy/components/proprietary/sso/sso-settings.tsx
index 2a686d82c..81842fa02 100644
--- a/apps/dokploy/components/proprietary/sso/sso-settings.tsx
+++ b/apps/dokploy/components/proprietary/sso/sso-settings.tsx
@@ -109,12 +109,12 @@ export const SSOSettings = () => {
 									Add OIDC provider
 								</Button>
 							</RegisterOidcDialog>
-							<RegisterSamlDialog>
+							{/* <RegisterSamlDialog>
 								<Button variant="secondary" size="sm">
 									<LogIn className="mr-2 size-4" />
 									Add SAML provider
 								</Button>
-							</RegisterSamlDialog>
+							</RegisterSamlDialog> */}
 						</div>
 					)}
 
@@ -234,12 +234,12 @@ export const SSOSettings = () => {
 										Add OIDC provider
 									</Button>
 								</RegisterOidcDialog>
-								<RegisterSamlDialog>
+								{/* <RegisterSamlDialog>
 									<Button variant="outline">
 										<LogIn className="mr-2 size-4" />
 										Add SAML provider
 									</Button>
-								</RegisterSamlDialog>
+								</RegisterSamlDialog> */}
 							</div>
 						</div>
 					)}