I have set this up as close as I can to the auth0 tutorial and have it working through the keycloak login but something is happening at the callback I guess. might be obvious in that error but im at a lose, Thanks
We’ll be surfacing that error better on the error page in the future but you can see in that string that the auth time is beyond the set max-age. This might indicate out-of-sync system clocks, or just that you need to change the max-age setting you’re using.
Did you attempt to set the max-age to 0, like in the activate OIDC auth section?
boundary auth-methods update oidc -id amoidc_q7jAdI1QgA -issuer "https://ISSUER_URL/" -max-age 0
I did but then set it to 30 afterwards and did not seem to work, but this is the issue, as if I set it to 3000 it works fixed timezone and its working. Thanks for the help!
Yep it’s seconds IIRC so you’d have to have logged into your IdP within the last 30 seconds. Something longer is probably ideal