Open katrogan opened 2 years ago
I just ran into this exact problem! Setting up keycloak as the external IdP, I was getting this ambiguous message. After troubleshooting for quite a while, I found your issue, and saw you mentioned the audience and was able to track down the allowedAudience setting. Having a more clear message would have certainly been helpful! 😄
Hello 👋, This issue has been inactive for over 9 months. To help maintain a clean and focused backlog, we'll be marking this issue as stale and will close the issue if we detect no activity in the next 7 days. Thank you for your contribution and understanding! 🙏
Hello 👋, This issue has been inactive for over 9 months and hasn't received any updates since it was marked as stale. We'll be closing this issue for now, but if you believe this issue is still relevant, please feel free to reopen it. Thank you for your contribution and understanding! 🙏
Hello 👋, this issue has been inactive for over 9 months. To help maintain a clean and focused backlog, we'll be marking this issue as stale and will engage on it to decide if it is still applicable. Thank you for your contribution and understanding! 🙏
Motivation: Why do you think this is important?
When flyteadmin fails JWT token validation, the request fails with
but this is ambiguous. For example, if the audience is misconfigured, flyteadmin logs
which is far more useful for understanding misconfigured deployments and diagnosing what went wrong
Goal: What should the final outcome look like, ideally?
Flyteadmin auth failures should include more details in error message responses
Describe alternatives you've considered
N/A
Propose: Link/Inline OR Additional context
No response
Are you sure this issue hasn't been raised already?
Have you read the Code of Conduct?