Closed michaeljluo closed 2 months ago
Also I am trying to revert the postgres database schema to version 0.16.0. Can I use the repair flag detailed here to do this (link)? What parameter value do I pass in with this flag to downgrade the schema to 0.16.0 release?
Hi! We're trying to reproduce this error, but we haven't been successful so far.
Is there anything special set up in your app registration? We're trying to understand what the difference is with our setups. We're largely following the steps outlined here: https://developer.hashicorp.com/boundary/tutorials/identity-management/oidc-azure
Also I am trying to revert the postgres database schema to version 0.16.0. Can I use the repair flag detailed here to do this (link)? What parameter value do I pass in with this flag to downgrade the schema to 0.16.0 release?
I don't believe there's a way to downgrade a database. It is recommended to do a backup of the database prior to the upgrade so that you're able to restore it later, if needed.
Realized this was a local issue on my end. Resolved now. Appreciate the help though.
Describe the bug
Hello, I am trying to upgrade my boundary version from 0.16.0 to 0.17.0. I merged updated code from the boundary repo, and ran commands to migrate boundary postgres database to new version. So far everything is functional except for logging in with OIDC auth method. I'm using an auth method with Azure Active Directory as my IDP and it produces this error whenever I try to login:
Error
Could not authenticate
Something went wrong while authenticating. Please close this window and try again. If the problem persists, notify your administrator.
link:
...authentication-error?error=%7B%22kind%22%3A%22Internal%22%2C%22message%22%3A%22authmethod_service.%28Service%29.authenticateOidcCallback%3A+Callback+validation+failed.%3A+parameter+violation%3A+error+%23100%3A+oidc.Callback%3A+unable+to+get+user+info+from+provider%3A+unknown%3A+error+%230%3A+Provider.UserInfo%3A+provider+UserInfo+request+failed%3A+Get+%5C%22https%3A%2F%2Fgraph.microsoft.com%2Foidc%2Fuserinfo%5C%22%3A+EOF%22%7D
To Reproduce
Steps to reproduce the behavior:
Expected behavior
The login should pull identity information from Azure AD and authenticate me correctly.
Additional context
The Azure AD application registration we used is working fine with 0.16.0 version of boundary.