Mattermost Team Edition SSO with Cloudron – Workaround

I am trying to use the OIDC of Cloudron with Mattermost Team Edition. Since the Mattermost Team Edition is designed to do SSO only with GitLab rather than any OIDC service, I ran into some problems: Mattermost needs a special claim ("id"), an integer that is unique per user, to be added to the response. This normally is the number of the user within GitLab. However, Cloudron does not have such an attribute, nor does it provide the possibility to add it or customize the OIDC response in a way that it is provided.

As of today I am using a similar setup with Keycloak as IDP, which was set up similar to this explanation. This worked fine for some years, but to get rid of some complexity and cost of the setup I want to switch to Cloudron.

So now I am searching for a cheap workaround which enables SSO for Mattermost. I thought about something with simplesaml, but I have never used it before, so I fear it becoming a big task to circumvent such a little and additionally arbitrary limit. I thought that the id can be created by stripping all but the letters from the uid – as we are talking only about 200 users I would not expect this to result in any conflicts.

I already had a first look at the simplesaml docs. However I think it's the better way to first ask the crowd on possible ways to handle the problem before digging deep. That's because I assume anyone must already have had this problem.

Any ideas are appreciated! Thank you in advance.

There are 0 best solutions below
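An added example, not part of the original question and not code from Mattermost or Cloudron: one way to derive the integer "id" claim from the IdP's user identifier while failing closed on collisions, since two users sharing an id would land in the same Mattermost account. It uses a truncated SHA-256 instead of the character stripping suggested in the question. Assumptions: the identifier arrives in the standard OIDC `sub` claim, a 48-bit id is acceptable, and some shim between the IdP and Mattermost can rewrite the userinfo response; all function names are hypothetical.

```python
import hashlib

ID_BITS = 48  # assumption: stays below 2**53 so JSON parsers keep the integer exact


def numeric_id(uid: str, bits: int = ID_BITS) -> int:
    """Deterministic positive integer derived from an IdP user identifier."""
    digest = hashlib.sha256(uid.encode("utf-8")).digest()
    value = int.from_bytes(digest, "big") >> (256 - bits)
    return value or 1  # avoid 0, which a consumer might treat as "missing"


def build_id_map(uids, bits: int = ID_BITS) -> dict:
    """Map every uid to its integer id; refuse to continue on any collision."""
    by_id = {}
    for uid in uids:
        nid = numeric_id(uid, bits)
        other = by_id.get(nid)
        if other is not None and other != uid:
            # Two people sharing one id would end up in the same account.
            raise ValueError(f"id collision between {other!r} and {uid!r}")
        by_id[nid] = uid
    return {uid: nid for nid, uid in by_id.items()}


def add_id_claim(userinfo: dict, id_map: dict) -> dict:
    """Return a copy of a userinfo response with the integer "id" claim added."""
    uid = userinfo["sub"]
    if uid not in id_map:
        raise KeyError(f"unknown user {uid!r}: not in the precomputed id map")
    return {**userinfo, "id": id_map[uid]}


# Constructed sample identifiers, not real Cloudron uids.
SAMPLE_UIDS = [f"uid-sample-{n:04d}" for n in range(200)]

if __name__ == "__main__":
    id_map = build_id_map(SAMPLE_UIDS)
    print(add_id_claim({"sub": SAMPLE_UIDS[0], "email": "a@example.org"}, id_map))
```

Running the collision check over the full user list before enabling the mapping, and again whenever a user is added, keeps an accidental id clash from silently merging two accounts.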