Temporal worker authorization roles

I have been trying to authorize my worker by setting the role namespace:*, somehow I feel the temporal server which is helm based is not interpreting the permissions correctly.

authorization:
      jwtKeyProvider:
        keySourceURIs:
          - https://login.microsoftonline.com/$tenant_id/discovery/v2.0/keys
        refreshInterval: 1m
      permissionsClaimName: roles
      authorizer: default
      claimMapper: default

on the worker side after authentication I get the following:

RuntimeError: Worker validation failed

Caused by:
    0: Namespace test was not found or otherwise could not be described: Status { code: PermissionDenied, message: "Request unauthorized.", details: b"\x08\x07\x12\x15Request unauthorized.\x1aJ\nHtype.googleapis.com/temporal.api.errordetails.v1.PermissionDeniedFailure", metadata: MetadataMap { headers: {"content-type": "application/grpc"} }, source: None }

Somehow I am not able to get this working by just following the documentation. Any assist is appreciated.

Hi,

Which documentation are you referring to and which namespace are you trying to connect to? The error message seems to imply you try to connect to the test namespace. Does this namespace exist?

–Hardy

Hello,

the namespace exists and on the azure side I assign test:* role to the application and I already see it when I decode the returned token.