When doing organization, group, or role sync there is very little resources to debug or inform the settings choices.

In the past, we relied on checking the debug logs and hitting a specific owner only endpoint to see claim information.

Debug features should include:

• Detected claims fields: Sync Field should have a list of fields sent over by the IDP to select from. Showing what fields are available
• Mapping table rows should have:
  • Green/red if the IDP group was found or not. To suggest an unused mapping
  • Autocomplete list of all the idp groups found.
• Stretch goal: A "preview" of what orgs/groups/roles a specific user get's mapped to. As well as a partial dump of their claims.

Backend implementation

We currently store a user's claims as debug_context in the database. We should rename this to link_claims and embrace it more fully.

We can then run queries across the json payloads to accomplish the auto-complete lists.