Temporal web openid authentication fails

I’m exposing Temporal Web via Kubernetes ingress with temporalio/web:1.9.1.
I have set up the config under server/config.yml.
While trying to access the web app I see the openid error below. Could someone help me debug?

{"message":"\n OPError: expected 200 OK, got: 404 Not Found\n at processResponse (/usr/app/node_modules/openid-client/lib/helpers/process_response.js:48:11)\n at /usr/app/node_modules/openid-client/lib/issuer.js:262:20\n at async /usr/app/node_modules/p-some/index.js:53:19\n OPError: invalid_client (Bad credentials)\n at processResponse (/usr/app/node_modules/openid-client/lib/helpers/process_response.js:45:13)\n at /usr/app/node_modules/openid-client/lib/issuer.js:262:20\n at async /usr/app/node_modules/p-some/index.js:53:19"}

Seems it doesn’t reach the oidc configuration

Are you able to reach the oidc configuration manually by opening it in your browser? To do that, add .well-known/openid-configuration to the address of your issuer parameter and open the link in your browser.

For example, here is Google’s OIDC config:
https://accounts.google.com/.well-known/openid-configuration

For Okta this would be:

https://dev-xxxxxxx.okta.com/.well-known/openid-configuration
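
The manual check described above can also be scripted. This is an added example, not part of the original posts and not Temporal Web or openid-client code; the function names and the idp.example.test provider are assumptions, and the sample metadata is constructed.

```javascript
// Added example: validate an OIDC issuer URL against its discovery document.
const WELL_KNOWN = '.well-known/openid-configuration';

// Discovery URL = issuer (trailing slashes stripped) + "/" + well-known path.
function discoveryUrl(issuer) {
  const u = new URL(issuer); // throws on a malformed issuer
  if (u.search || u.hash) throw new Error('issuer must not contain a query or fragment');
  return issuer.replace(/\/+$/, '') + '/' + WELL_KNOWN;
}

// Return a list of problems for a discovery response; an empty list means usable.
function checkMetadata(issuer, status, doc) {
  if (status !== 200) return [`discovery returned HTTP ${status}: wrong issuer URL?`];
  if (!doc || typeof doc !== 'object') return ['discovery response is not a JSON object'];
  const problems = [];
  // The advertised issuer must equal the configured one exactly, trailing slash included.
  if (doc.issuer !== issuer) {
    problems.push(`issuer mismatch: configured "${issuer}", advertised "${doc.issuer}"`);
  }
  // Endpoints the authorization code flow depends on.
  for (const key of ['authorization_endpoint', 'token_endpoint', 'jwks_uri']) {
    if (typeof doc[key] !== 'string') problems.push(`missing ${key}`);
    else if (!doc[key].startsWith('https://')) problems.push(`${key} is not https`);
  }
  return problems;
}

// Live check (needs network and Node 18+ for the global fetch); not called here.
async function fetchAndCheck(issuer) {
  const res = await fetch(discoveryUrl(issuer), { redirect: 'error' });
  const doc = res.ok ? await res.json().catch(() => null) : null;
  return checkMetadata(issuer, res.status, doc);
}

// Constructed sample metadata for a hypothetical provider.
const SAMPLE_ISSUER = 'https://idp.example.test/oauth2/default';
const SAMPLE_DOC = {
  issuer: SAMPLE_ISSUER,
  authorization_endpoint: SAMPLE_ISSUER + '/v1/authorize',
  token_endpoint: SAMPLE_ISSUER + '/v1/token',
  jwks_uri: SAMPLE_ISSUER + '/v1/keys',
};

console.log(discoveryUrl(SAMPLE_ISSUER));
console.log(checkMetadata(SAMPLE_ISSUER, 200, SAMPLE_DOC));       // no problems
console.log(checkMetadata(SAMPLE_ISSUER, 404, null));             // the 404 case from the thread
console.log(checkMetadata(SAMPLE_ISSUER + '/', 200, SAMPLE_DOC)); // trailing-slash mismatch
```

To run it against a real provider, call `fetchAndCheck()` with the issuer value from server/config.yml and print the returned list.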

Thanks, I had to change my issuer_url for the fix.
