OIDC not working for me with authentik
Hi, I have setup OIDC in authentik and my container as follows
26 Replies
Thank you for submitting a support request.
Depending on the volume of requests, our team should get in contact with you shortly.
⚠️ Please include the following details in your post or we may reject your request without further comment: - Log (See https://homarr.dev/docs/community/faq#how-do-i-open-the-console--log) - Operating system (Unraid, TrueNAS, Ubuntu, ...) - Exact Homarr version (eg. 0.15.0, not latest) - Configuration (eg. docker-compose, screenshot or similar. Use ``your-text`` to format) - Other relevant information (eg. your devices, your browser, ...)
❓ Frequently Asked Questions | Homarr documentation
Can I install Homarr on a Raspberry Pi?
Bue for some reason, after logging in I get this:
homarr is behind a reverse proxy, maybe that's the reason?
I see this in the URL
redirect_uri=http%3A%2F%2F192.168.1.54%3A10004
Set the NEXTAUTH_URL env var for homarr to homarr's https address
Ah wait you did that already?
yeah ok I was messing with something before I removed that
I was testing nginx proxy authentication so I just removed that
and now I get a different error
but getting closer
thank me I don't even look at whatever you sent I guess? :x
Is that new error in homarr or authentik?
homarr
I never saw that error before so I'm looking into it
It seems to be a problem with the NEXTAUTH_SECRET
ngl I don't even set it myself but maybe look into it
Eatiing time for me, sorry if I don't answer
no worries, thanks for taking a look
removed the secret but the same thing happens
Solution
Try to generate your own RS256 NEXTAUTH_SECRET, should dérive from it then
Actually, it's possible it has to do with the oidc secret now that I think about it
found something similar here
Vikunja Community
Struggling with SSO via Authentik
Here’s the results of my testing: GET HTTPS akserver FROM vikunja_api-1: refused (port 443) GET HTTPS akserver:9443 FROM vikunja_api-1: not refused, but curl has a problem with the self-signed cert GET HTTPS authentik.fqdn FROM vikunja_api-1: resolves to the correct IP and port 443 as per Traefik config, but times out GET HTTPS akserver FROM...
Are you using self signed certs?
for SSL I'm using letsencrypt
in signing key I don't have anything selected
it's weird though my certificates are RSA
ok it works for local auth users now
so the issue is when I use Google Auth
but all good on homarr side
no idea how to fix it for social logins tho
Nice! Absolutely no idea about Google either, sorry. Usually people do self hosting to get away from them x)
yeah I know XD
Welp, however knows about it is welcome to chip in here, otherwise good luck and be sure to share if you find a solution.
sure thing
thanks a lot
you were right, generating a new key did the trick
Nice! Glad it's all working then
Hi almost same error with iodc. The auth_url is needed?? Not a word in authelia or homarr manuals. The correct url should be homar.domain.com
Thx for your help
what´s the error? @sunmetis
Hi thx for your answer localhost:7575/api/auth/error?error=OAuthSignin
hey
let me check
@sunmetis you need to make sure to setup AUTH_OIDC_URI, AUTH_OIDC_CLIENT_SECRET, BASE_URL, NEXTAUTH_URL, NEXTAUTH_SECRET, AUTH_OIDC_REDIRECT_LOGOUT
Private conf sent in msg @andres