Boundary keycloak oidc

I have set this up as close as I can to the auth0 tutorial and have it working through the keycloak login but something is happening at the callback I guess. might be obvious in that error but im at a lose, Thanks


We’ll be surfacing that error better on the error page in the future but you can see in that string that the auth time is beyond the set max-age. This might indicate out-of-sync system clocks, or just that you need to change the max-age setting you’re using.

Did you attempt to set the max-age to 0, like in the activate OIDC auth section?

boundary auth-methods update oidc -id amoidc_q7jAdI1QgA -issuer "https://ISSUER_URL/" -max-age 0

I did but then set it to 30 afterwards and did not seem to work, but this is the issue, as if I set it to 3000 it works fixed timezone and its working. Thanks for the help!

1 Like

Yep it’s seconds IIRC so you’d have to have logged into your IdP within the last 30 seconds. Something longer is probably ideal :smiley: