Not able to integrate sso with new temporal ui

Ruslan · August 17, 2022, 3:44pm

@madhu prioritize the auth issue right?

if so it’s already released, there is a TEMPORAL_SESSION_STORE_PATH docker env setting now. Try setting it to for example .tmp and let me know if this helps ui-server/config_template.yaml at b755cf777cb8027f74f73fc6b6724a50ae075743 · temporalio/ui-server · GitHub

madhu · August 18, 2022, 7:08am

Sure @Ruslan thanks much,let me try this and update you.

Ruslan · August 18, 2022, 8:03pm

just an fyi
setting this variable will switch the UI to a filesystem storage instead of cookie storage, which increases the cookie size limit

madhu · August 20, 2022, 7:04am

I fid a quick test with cookie storage and latest ui ,unfortunately i still see the same.login issue. Let me dive deep and confirm.

madhu · August 22, 2022, 9:32am

ok ,my call back url was configred as mydomain/ previously with legacy web ui.
i had to change the call back url to mydomain/auth/sso/callback

i am able to integrate with keycloak now… Thanks for the help @Ruslan and all the insights @sumesh_kanayi

raghudeshu · January 17, 2023, 6:06pm

madhu:

     - TEMPORAL_ADDRESS=temporal:7233
      - TEMPORAL_CORS_ORIGINS=http://localhost:3000
      - TEMPORAL_AUTH_ENABLED=true
      - TEMPORAL_AUTH_CALLBACK_URL=http://localhost:8098
      - TEMPORAL_AUTH_PROVIDER_URL=https://my-corp-authserverurl
      - TEMPORAL_AUTH_LABEL=my-corp-sso
      - TEMPORAL_AUTH_TYPE=oidc
      - TEMPORAL_AUTH_CLIENT_ID=temporal
      - TEMPORAL_AUTH_CLIENT_SECRET=someuuidsecret

Hi Madhu,

How did you set these environment variables in the helm? when I am passing the commands like below its not honoring

Sample command:
“helm upgrade temporalv13 -f values.yaml -f values/values.cassandrapocv2dev.yaml --set server.replicaCount=5 --set TEMPORAL_AUTH_ENABLED=true – SET ALL PROPERTIES as per your comment . --timeout 900s -n telos-poc”