Giters

datahub-project / datahub

The Metadata Platform for your Data Stack

Home Page:https://datahubproject.io

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Keycloak SSO not working from v0.13.0

XAdaLovelace opened this issue · comments

commented

Describe the bug
When upgrading datahub-frontend-react to a higher version than v0.12.1 SSO with Keycloak does not work.

Expected behavior
A redirection of Datahub to Keycloak login page

My datahub is deployed on an on-prem environement but explaination:
When redirection is supposed to happen (which works great with v0.12.1), An error message is raised on the login page of datahub:
"Failed to sign out using Single Sign-On provider. Please contact your DataHub Administrator or refer to server logs for more information."

datahub-frontend-react pod logs after attempting:
"Caught exception while attempting to redirect to SSO identity provider. It's likely that SSO integration is mis-configured."

I configured my values.yaml like this:

datahub:
  ...
  oidcAuthentication:
    enabled: true
    provider: okta
    clientId: datahub
    clientSecret: <mySecretCode>
    oktaDomain: myKeycloak.url/realms/westDH/.well-known/openid-configuration
    scope: "openid profile email groups"
  extraEnvs:
    - name: AUTH_OIDC_ENABLED
      value: "true"
    - name: AUTH_OIDC_CLIENT_ID
      value: your-client-id
    - name: AUTH_OIDC_CLIENT_SECRET
      value: your-client-secret
    - name: AUTH_OIDC_DISCOVERY_URI
      value: your-provider-discovery-url
    - name: AUTH_OIDC_BASE_URL
      value: your-datahub-url