Temporal web openid authentication fails

Pruthvi · May 28, 2021, 4:51am

I’m exposing temporal web via kubernetes ingress with temporalio/web:1.9.1.
I have set up the config under server/config.yml
while trying to access the web app I see opened error below. Could some one help me debug

{“message”:"\n OPError: expected 200 OK, got: 404 Not Found\n at processResponse (/usr/app/node_modules/openid-client/lib/helpers/process_response.js:48:11)\n at /usr/app/node_modules/openid-client/lib/issuer.js:262:20\n at async /usr/app/node_modules/p-some/index.js:53:19\n OPError: invalid_client (Bad credentials)\n at processResponse (/usr/app/node_modules/openid-client/lib/helpers/process_response.js:45:13)\n at /usr/app/node_modules/openid-client/lib/issuer.js:262:20\n at async /usr/app/node_modules/p-some/index.js:53:19"}

Ruslan · May 29, 2021, 12:10am

Seems it doesn’t reach the oidc configuration

Are you able to reach the oidc configuration manually by opening it in your browser? To do that, add .well-known/openid-configuration to the address of your issuer parameter and open the link in your browser.

For example, here is google’s oidc config:
https://accounts.google.com/.well-known/openid-configuration

For okta this would be:

https://dev-xxxxxxx.okta.com/.well-known/openid-configuration

Pruthvi · May 29, 2021, 12:51am

thanks, I had to change my issuer_url for the fix

Topic		Replies	Views
Temporal Web Custom Config with Oauth fails Community Support web-ui	5	817	May 29, 2021
Error using OIDC Community Support web-ui	3	1351	April 22, 2022
Problem configuring SSO with keycloak Community Support web-ui , sso	6	516	October 2, 2024
Issue in Enabling SSO for Web Community Support web-ui	9	1882	October 4, 2021
New temporal UI in login loop Community Support web-ui	3	767	May 26, 2022

Temporal web openid authentication fails

Related topics