Closed andrehluizsilva closed 5 years ago
We found the problem. It was related to the permissions on google service account that was setup with https://www.googleapis.com/auth/admin.directory.group and not .readonly option.
We changed the permissions and the group worked.
We are using the oauth2_proxy running in Kubernetes to authenticate google user with Kibana application. We manage to authenticate using only the -email-domain flag and -authenticated-emails-file. But after we add the flags -google-admin-email and -google-group and -google-service-account-json we started receiving 403 Permission Denied - Invalid Account.
We follow the steps for configuration the admin account and the service account but its with no success on authenticate after the change, there is a way to identify and Debug this process to find the root cause ?
Here are the parameters used in the chart: