When attempting to log in using the newly established OAuth SSO, the following error may occur:
Error handling OAuth2 login: No email was found on the OAuth response
This error is thrown because, by default, Artifactory looks for a "preferred_username" or "email" property in the returned JSON response to use as the internal username. In some cases neither of these is returned; this depends on the Azure AD/OIDC settings.
To overcome this, a new Artifactory system property was introduced in version 7.4.0 that lets you explicitly specify the field Artifactory uses as the username identifier from the OpenID response. To do so, add the artifactory.oauth.user.info.identifier property to the $ARTIFACTORY_HOME/etc/artifactory/artifactory.system.properties file, with the value being the desired field, for example:
artifactory.oauth.user.info.identifier=unique_name
* A restart of Artifactory is required for the above to take effect.
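
To see which fields the identity provider actually returns before choosing a value for the property, the check below decodes an ID token payload and reports whether the default fields, or a configured one, are present. This is an added example, not JFrog's code: the function names are hypothetical, it assumes the response is available as a JWT, and the sample claims are constructed.

```python
import base64
import json
from typing import Optional

# Fields the article says Artifactory looks for by default.
DEFAULT_FIELDS = ("preferred_username", "email")

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def decode_jwt_payload(token: str) -> dict:
    """Decode a JWT payload for inspection only; the signature is NOT verified."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected three dot-separated JWT segments")
    seg = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(seg))

def check_identifier(claims: dict, configured: Optional[str] = None) -> dict:
    """Report whether the field(s) to be used as the username are present."""
    wanted = (configured,) if configured else DEFAULT_FIELDS

    def usable(key: str) -> bool:
        value = claims.get(key)
        return isinstance(value, str) and value.strip() != ""

    found = [k for k in wanted if usable(k)]
    # Other non-empty string claims present in the response.
    others = sorted(k for k in claims if k not in wanted and usable(k))
    return {"checked": list(wanted), "found": found,
            "ok": bool(found), "other_string_claims": others}

# Constructed sample claims (not from a real tenant): no default field present.
SAMPLE_CLAIMS = {
    "iss": "https://idp.example.test/",
    "aud": "artifactory-client-id",
    "unique_name": "jdoe@example.test",
    "name": "J Doe",
    "exp": 1700000000,
}
SAMPLE_TOKEN = ".".join([
    _b64url(b'{"alg":"RS256","typ":"JWT"}'),
    _b64url(json.dumps(SAMPLE_CLAIMS).encode()),
    "constructed-signature",
])

if __name__ == "__main__":
    claims = decode_jwt_payload(SAMPLE_TOKEN)
    print("defaults:", check_identifier(claims))
    print("unique_name:", check_identifier(claims, "unique_name"))
```

With the sample claims, the default check reports ok=False (the condition behind the error above), while checking unique_name reports ok=True.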