Temporal on K8 (Portal Issue)

Hello I am running Temporal on K8 and every time i do an operation on the frontend such as terminating a workflow i am redirected to a login? url that shows a 404. Any ideas why that is happening? We didn’t have this issue on Docker-Compose

This question has been replied in the community chat, pasting the thread here for the record:


Omar Sultan 11 hours ago

https://temporalio.slack.com/files/U03NG31MAH5/F03QQ8VB63X/image.png

image.png


image.png

Ruslan Aksenov 10 hours ago

if the login screen shows 404, seems the Auth disabled in your UI setup?

Ruslan Aksenov 10 hours ago

is your Temporal server set up with Authorizer/Claim mapper plugins?Wondering if the plugins deny Terminate operation and the 403 error results in UI trying to authenticate you by redirecting to the login screen

Adrian Prananda 8 hours ago

I have the same issues here. Enabling TLS through docker-compose works, but got a 404 through AWS ECS

Adrian Prananda 8 hours ago

It might also be CORS problems.

Omar Sultan 5 hours ago

Hi Ruslan, we have the Auth set as disabled and the ENABLE_API_WRITE env variable set to true. We don’t have any Authorization/Claim mapper plugins

Omar Sultan 5 hours ago

As adrian mentioned I am suspecting COR issue as well , do you know where in the HELM we can setup the CORS Values (If Any)

Ruslan Aksenov 4 hours ago

yea this can be CORS + CSRF protection. In this case POST/… requests (Terminate) will return 403In UI v2 you can set this value for CORS https://docs.temporal.io/references/ui-configuration/#cors (edited)

docs.temporal.iodocs.temporal.io

Temporal Web UI configuration reference | Temporal Documentation

The Temporal Web UI Server uses a configuration file for many of the UI’s settings.

Omar Sultan 18 minutes ago

Thanks a lot Ruslan, it seems the issue actually related to cors, as it only fails when I try to access the cluster using the exposed NodePort but works fine if I’m doing a k8 port forward for that service and accessing it using local host