Hi! Issue resolved using this post and by creating chain cert and secret/mounting:

But now I'm getting another error, last one I believe. When I authenticate in Keycloak I'm correctly redirected back to my VW with error:

```
[2025-10-30 11:31:06.317][vaultwarden::sso][DEBUG] Authenticated user AuthenticatedUser { refresh_token: Some("eyJhb09Va(...)RSu9wd1g"), access_token: "eyJhbG(...)0L5vnw", expires_in: Some(300s), identifier: OIDCIdentifier("https://iam-test.czk.xyz/auth/realms/*/4e6356b0-17e6-40ec-ae70-c6127df65080"), email: "bart@xyz.com", email_verified: Some(false), user_name: Some("nosekb") }
```

I don't have SMTP configured so I'm using :

And it's reflected as Enabled in the Admin panel, but the error still persists.

BN
Hi,

I have a problem using Vaultwarden with Keycloak SSO.

- I'm using image with tag "testing"
- using gabe565 helmcharts
- part of values.yaml I'm using:

```yaml
# part of values.yaml
image:
  repository: ghcr.io/dani-garcia/vaultwarden
  tag: "testing"
config:
  DOMAIN: "https://vaultwarden.testdevops01.xyz"
  ROCKET_PORT: 8080
  INVITATIONS_ALLOWED: true
env:
  ADMIN_TOKEN: "test"
  LOG_LEVEL: "debug"
  SIGNUPS_ALLOWED: "true"
  SSO_ENABLED: "true"
  SSO_PROVIDER: "oidc"
  SSO_AUTHORITY: "https://iam-test.czk.xyz/auth/realms/xyz"
  SSO_CLIENT_ID: "ext-es-vaultwarden-test"
  SSO_CLIENT_SECRET: "***" # for tests I'm putting it here
  SSO_REDIRECT_URI: "https://vaultwarden.testdevops01.xyz/oidc/callback"
  SSO_SCOPES: "openid email profile"
ingress:
  main:
    enabled: true
    ingressClassName: "traefik"
    annotations:
      traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
    service:
      name: "vaultwarden"
      port: 8080
    hosts:
      - host: "vaultwarden.testdevops01.xyz"
        paths:
          - path: /
            pathType: Prefix
    tls:
      - secretName: "tls"
        hosts:
          - "vaultwarden.testdevops01.xyz"
```

Error I get:
logs:
```
[2025-10-29 12:40:29.490][request][INFO] POST /api/organizations/domain/sso/verified
[2025-10-29 12:40:29.491][response][INFO] (get_org_domain_sso_verified) POST /api/organizations/domain/sso/verified => 200 OK
[2025-10-29 12:40:29.498][request][INFO] GET /identity/sso/prevalidate?domainHint=VW_DUMMY_IDENTIFIER
[2025-10-29 12:40:29.499][response][INFO] (prevalidate) GET /identity/sso/prevalidate => 200 OK
[2025-10-29 12:40:29.523][request][INFO] GET /identity/connect/authorize?client_id=web&redirect_uri=htt
[2025-10-29 12:40:29.535][reqwest::connect][DEBUG] starting new connection: https://iam-test.czk.xyz/
[2025-10-29 12:40:29.539][hyper_util::client::legacy::connect::http][DEBUG] connecting to 10.155.22.153:443
[2025-10-29 12:40:29.543][hyper_util::client::legacy::connect::http][DEBUG] connected to 10.155.22.153:443
[2025-10-29 12:40:29.551][vaultwarden::sso_client][ERROR] Failed to discover OpenID provider: Request failed
[2025-10-29 12:40:29.552][response][INFO] (authorize) GET /identity/connect/authorize?<data..> => 400 Bad Request
[2025-10-29 12:40:30.999][vaultwarden::api::core::two_factor][DEBUG] Sending notifications for incomplete 2FA logins
[2025-10-29 12:40:30.999][vaultwarden::api::core::accounts][DEBUG] Purging auth requests
[2025-10-29 12:40:30.999][vaultwarden::api::core::two_factor::duo_oidc][DEBUG] Purging Duo authentication contexts
```

web browser:
```
{"error":"","errorModel":{"message":"Failed to discover OpenID provider: Request failed","object":"error"},"error_description":"","exceptionMessage":null,"exceptionStackTrace":null,"innerExceptionMessage":null,"message":"Failed to discover OpenID provider: Request failed","object":"error","validationErrors":{"":["Failed to discover OpenID provider: Request failed"]}}
```

Any ideas please?

Thank you very much in advance.