Keycloak SSO not working from v0.13.0
XAdaLovelace opened this issue · comments
Describe the bug
When upgrading datahub-frontend-react
to a higher version than v0.12.1 SSO with Keycloak does not work.
Expected behavior
A redirection of Datahub to Keycloak login page
My datahub is deployed on an on-prem environement but explaination:
When redirection is supposed to happen (which works great with v0.12.1), An error message is raised on the login page of datahub:
"Failed to sign out using Single Sign-On provider. Please contact your DataHub Administrator or refer to server logs for more information."
datahub-frontend-react
pod logs after attempting:
"Caught exception while attempting to redirect to SSO identity provider. It's likely that SSO integration is mis-configured."
I configured my values.yaml like this:
datahub:
...
oidcAuthentication:
enabled: true
provider: okta
clientId: datahub
clientSecret: <mySecretCode>
oktaDomain: myKeycloak.url/realms/westDH/.well-known/openid-configuration
scope: "openid profile email groups"
extraEnvs:
- name: AUTH_OIDC_ENABLED
value: "true"
- name: AUTH_OIDC_CLIENT_ID
value: your-client-id
- name: AUTH_OIDC_CLIENT_SECRET
value: your-client-secret
- name: AUTH_OIDC_DISCOVERY_URI
value: your-provider-discovery-url
- name: AUTH_OIDC_BASE_URL
value: your-datahub-url