Hello - we are integrating SSO using OIDC on the Temporal Web UI and SSO has been successful, but the page times out and we have to re-login in 5 minutes, with the below messages in the UI and docker logs in the session. Also provided are the OIDC settings which have been configured.
invalid ID token: token invalid or expired
2026/04/10 20:13:16 [JWT Validation] Token verification failed: oidc: token is expired (Token Expiry: 2026-04-10 19:15:45 +0000 UTC)
2026/04/10 20:13:16 token_refresh_attempt ip=10.185.192.85
2026/04/10 20:13:16 token_refresh_failed reason=missing_refresh_token ip=10.185.192.85 duration_ms=0
2026/04/10 20:13:21 [Auth] Validating ID token from Authorization-Extras header
2026/04/10 20:13:21 [JWT Validation] Token verification failed: oidc: token is expired (Token Expiry: 2026-04-10 19:15:45 +0000 UTC)
2026/04/10 20:13:21 token_refresh_attempt ip=10.185.192.85
2026/04/10 20:13:21 token_refresh_failed reason=missing_refresh_token ip=10.185.192.85 duration_ms=0
2026/04/10 20:13:40 [Auth] Validating ID token from Authorization-Extras header
2026/04/10 20:13:40 [JWT Validation] Token verified successfully
2026/04/10 20:13:42 token_refresh_attempt ip=10.136.41.43
2026/04/10 20:13:42 token_refresh_failed reason=missing_refresh_token ip=10.136.41.43 duration_ms=0
2026/04/10 20:13:44 [Auth] Validating ID token from Authorization-Extras header
2026/04/10 20:13:44 [JWT Validation] Token verification failed: oidc: token is expired (Token Expiry: 2026-04-10 18:26:43 +0000 UTC)
2026/04/10 20:13:44 token_refresh_attempt ip=10.136.41.45
2026/04/10 20:13:44 token_refresh_failed reason=missing_refresh_token ip=10.136.41.45 duration_ms=0
sudo-sh[root@ip-10-122-150-170]# timed out waiting for input: auto-logout
Working directory prior to timeout: /home/e5us3s
sudo-sh[ssm-user@ip-10-122-150-170]$
environment:
TEMPORAL_ADDRESS: temporal:7233
TEMPORAL_UI_PORT: "8080"
maxSessionDuration: "8h"
TEMPORAL_AUTH_ENABLED: "true"
TEMPORAL_AUTH_TYPE: "oidc"
TEMPORAL_AUTH_PROVIDER_URL: "https://fmsso-devl.fanniemae.com"
TEMPORAL_AUTH_ISSUER_URL: "https://fmsso-devl.fanniemae.com"
TEMPORAL_AUTH_CLIENT_ID: "sso-p2x-IDS-d2-oidc-cots-Temporal"
TEMPORAL_AUTH_CLIENT_SECRET: "****"
TEMPORAL_AUTH_CALLBACK_URL: "https://temporal-idp-ec2.temporal.devl-utss.aws.fanniemae.com/auth/sso/callback"
TEMPORAL_AUTH_SCOPES: "openid,email,profile"
TEMPORAL_AUTH_SESSION_TTL: "1h"
TEMPORAL_AUTH_SESSION_IDLE_TTL: "1h"
TEMPORAL_AUTH_OIDC_TOKEN_REFRESH_ENABLED: "true"
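
A small triage script for the log excerpt above, added here as an example and not part of the original post: it measures how long each rejected ID token had already been expired when it was presented, and tallies the refresh failure reasons. The sample lines are copied from the excerpt; treating the log prefix timestamp as UTC (like the expiry value) is an assumption, and `triage` is a hypothetical helper name.

```python
import re
from collections import Counter
from datetime import datetime

# Constructed sample: a few lines copied from the log excerpt in the post above.
SAMPLE_LOG = """\
2026/04/10 20:13:16 [JWT Validation] Token verification failed: oidc: token is expired (Token Expiry: 2026-04-10 19:15:45 +0000 UTC)
2026/04/10 20:13:16 token_refresh_attempt ip=10.185.192.85
2026/04/10 20:13:16 token_refresh_failed reason=missing_refresh_token ip=10.185.192.85 duration_ms=0
2026/04/10 20:13:40 [JWT Validation] Token verified successfully
2026/04/10 20:13:44 [JWT Validation] Token verification failed: oidc: token is expired (Token Expiry: 2026-04-10 18:26:43 +0000 UTC)
2026/04/10 20:13:44 token_refresh_failed reason=missing_refresh_token ip=10.136.41.45 duration_ms=0
"""

# Log timestamp at line start, then the expiry the verifier printed.
EXPIRED = re.compile(
    r"^(\d{4}/\d\d/\d\d \d\d:\d\d:\d\d) .*token is expired "
    r"\(Token Expiry: (\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) \+0000 UTC\)")
REFRESH_FAILED = re.compile(r"token_refresh_failed reason=(\S+) ip=(\S+)")


def triage(log_text):
    """Return (seconds each rejected token was past expiry, Counter of refresh failure reasons)."""
    stale, reasons = [], Counter()
    for line in log_text.splitlines():
        m = EXPIRED.search(line)
        if m:
            # Assumption: the log prefix timestamp is UTC, like the expiry value.
            seen = datetime.strptime(m.group(1), "%Y/%m/%d %H:%M:%S")
            expiry = datetime.strptime(m.group(2), "%Y-%m-%d %H:%M:%S")
            stale.append(int((seen - expiry).total_seconds()))
            continue
        m = REFRESH_FAILED.search(line)
        if m:
            reasons[m.group(1)] += 1
    return stale, reasons


if __name__ == "__main__":
    stale, reasons = triage(SAMPLE_LOG)
    for s in stale:
        print(f"expired token presented {s // 60}m{s % 60:02d}s after its expiry")
    print(dict(reasons))
```

On the sample lines, the rejected tokens were presented roughly 57 minutes and 1 hour 47 minutes after their expiry, and every refresh failure carries the same reason, `missing_refresh_token`.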