OpenID authentication

Hello everyone,

We’re using the OpenIDConnect node in our Authentication.ps1 script to handle authentication. We need a way to block all login attempts coming from student accounts.
Has anyone implemented a method to filter or deny specific domains in OpenIDConnect authentication? If so, how can we modify Authentication.ps1 to reject all student logins?
Any guidance or code snippets would be greatly appreciated!

Thanks in advance!

Please note that student accounts have a unique identifier that distinguishes them from regular user accounts. For example, student email addresses end with ‘@student.domain.com’, while regular user accounts use ‘@domain.com’.

PowerShell Universal version used: 4.5.3

Instead of doing it in PSU, would it make sense to use a group on the app registration and only allow certain groups of users to log in? Otherwise it would be part of the role assignment to give them a role with no permissions I would think. Wouldn’t stop them from logging in, but would control what they do in PSU.
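
The domain check asked about in the question, as an added example that is not part of the original thread and is not PowerShell Universal's own API. The function name `Test-LoginDomainAllowed` and its parameters are hypothetical; it assumes the email or UPN string has already been read from a validated ID token.

```powershell
# Added example. Function and parameter names are hypothetical, not part of PSU.
function Test-LoginDomainAllowed {
    [CmdletBinding()]
    [OutputType([bool])]
    param(
        # Email or UPN value taken from the validated ID token (assumption).
        [Parameter(Mandatory)][AllowEmptyString()][string]$Identity,
        # Domains that may sign in, matched exactly.
        [string[]]$AllowedDomain = @('domain.com'),
        # Domains that are always rejected, including their subdomains.
        [string[]]$DeniedDomain = @('student.domain.com')
    )

    $value = $Identity.Trim().ToLowerInvariant()
    $parts = $value.Split('@')

    # Require exactly one '@' with a non-empty local part and domain.
    if ($parts.Count -ne 2 -or -not $parts[0] -or -not $parts[1]) { return $false }

    # A trailing dot is a valid fully qualified form of the same domain.
    $domain = $parts[1].TrimEnd('.')

    foreach ($denied in $DeniedDomain) {
        $d = $denied.ToLowerInvariant()
        if ($domain -eq $d -or $domain.EndsWith(".$d")) { return $false }
    }

    # Exact match only: a suffix test against 'domain.com' would also
    # accept 'student.domain.com', which is the case being blocked.
    return $AllowedDomain -contains $domain
}

# Constructed sample identities, not taken from any real tenant.
$samples = @(
    'alice@domain.com',
    'Bob@Student.Domain.com',
    'eve@lab.student.domain.com',
    'user@student.domain.com@domain.com',
    'carol@domain.com.example.net',
    ''
)
foreach ($s in $samples) {
    '{0,-40} {1}' -f $s, (Test-LoginDomainAllowed -Identity $s)
}
```

Which claim carries the address (for example `email` or `preferred_username`) depends on the identity provider, and the result still has to be wired into the login or role decision in PSU.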