You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
gdoss-RIC-CH opened this issue
Jul 2, 2024
· 1 comment
Labels
authAuthentication or authorization relatedazureIssues related to Azure, but not AKS necessarilyblockerCompletely prevents the user from using the software.bugSomething isn't workingoidcIssue related to OIDC
We have several k8s clusters on which authentication is configured with oidc via Azure apps.
When I try to log in via Headlamp desktop app by clicking the "Sign in" button, it fails because the callback URI is wrong (Azure cannot find that callback URI configured in the Azure App).
So I add the callback URL http://localhost:4466/oidc-callback in my azure App registration.
Now Headlamp send 404 not found in my browser on the URL http://localhost:4466/auth?cluster=<kubeconfig_context_name>&token=
Is this a bug?
The text was updated successfully, but these errors were encountered:
illume
added
bug
Something isn't working
auth
Authentication or authorization related
oidc
Issue related to OIDC
azure
Issues related to Azure, but not AKS necessarily
blocker
Completely prevents the user from using the software.
labels
Jul 8, 2024
We have Anthos clusters on aws so we need gcloud command to retrieve the kubeconfig for each cluster.
The user authentication while doing the gcloud commands is managed with the help of Azure AD applications.
So the gcloud command is doing an oidc authentication to Azure and fills the kubeconfig with an ID-token that is (for example) used by kubectl to authenticate to the k8s cluster.
For some reason, Headlamp will not pass that token itself.
Even weirder, on Windows if my colleague click the "Use a token" button and put that ID-token which is on his kubeconfig, Headlamp will auth and connect to the k8s cluster.
But if I do the same on macOS it will not work.
Also when adding the callback URL http://localhost:4466/oidc-callback in my azure App registration I have a 404 not found page when clicking the "Sign in" button with a URL of this form http://localhost:4466/auth?cluster=<kubeconfig_context_name>&token=XXXXX
If I try to click "Use a token" button and paste that XXXXX token it will not work either
authAuthentication or authorization relatedazureIssues related to Azure, but not AKS necessarilyblockerCompletely prevents the user from using the software.bugSomething isn't workingoidcIssue related to OIDC
We have several k8s clusters on which authentication is configured with oidc via Azure apps.
When I try to log in via Headlamp desktop app by clicking the "Sign in" button, it fails because the callback URI is wrong (Azure cannot find that callback URI configured in the Azure App).
So I add the callback URL http://localhost:4466/oidc-callback in my azure App registration.
Now Headlamp send 404 not found in my browser on the URL http://localhost:4466/auth?cluster=<kubeconfig_context_name>&token=
Is this a bug?
The text was updated successfully, but these errors were encountered: