Is there a way to configure an allow-list of email domains for the OIDC authentication (google in our case)?
Hi <@U01AFJB5M9C>,
you can pass a regex definition to the OIDC authentication that defines which users should be allow by using the AUTH_OIDC_USER_NAME_CLAIM_REGEX environment variable in the datahub-frontend container.
Does this help you?
Oh, interesting! Based on the description ( # The regex used to parse the DataHub username from the user name claim. Defaults to (.*) (all)) I did not understand to associate this with an allow list.
So you are saying that if I define a regex that matches with my desired domains, the emails that fail to match will not be allowed in?
Yes, we are using the following regex to only allow access for a selected set of people: ((nameA|nameB)\@company\.com)
We use this for our dev environment
You might give it a try and see if you can achieve your desired outcome 
Awesome, thanks for the tip!
Worked flawlessly! Thanks again!
Glad to hear, you are welcome