Hi,
I have a 3-node Vault cluster and am trying to enable and configure the OIDC authentication method, but at the time of configuration I am getting the error below:
error checking oidc discovery URL: error creating provider with given values: NewProvider: unable to create provider: Get “https://login.microsoftonline.com/c8eca3ca-1276-46d5-9d9d-a0f2a028920f/v2.0/.well-known/openid-configuration ”: dial tcp: lookup login.microsoftonline.com on :53: no such host
Does anyone have any idea how I can resolve this?
Are you able to resolve the URL on the Vault host using nslookup or dig?
sid21mahajan:
53: no such host
What Jeff said… sounds like your box has no ability to service DNS requests for that domain.
Hi Jeff, Mike,
Vault was not picking up the proxy from the environment variable. I configured the proxy in the service file and now it's working.
But at the time of login I am getting the error: failed to fetch groups: “groups” claim not found in token
Can anyone help me with this?
Have you followed all the instructions in the Azure AD portion of the OIDC provider supplemental documentation?
There have been a handful of others that had a similar issue:
Azure OIDC Group claim not found, now working but why?!?! and related Vault Azure AD with OIDC - claim "upn" not found in token
If those don’t help, then provide some more of your configuration details so we can better help troubleshoot (redact any sensitive info, of course).
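
For the `“groups” claim not found in token` error discussed above, decoding the ID token that Azure AD returned shows whether a groups claim was emitted at all. The Python below is an added example, not part of the thread or of Vault; it skips signature verification (troubleshooting only), uses constructed sample payloads, and goes slightly beyond the thread by also flagging Azure AD's group overage markers (`_claim_names`, `hasgroups`).

```python
import base64
import json


def decode_jwt_payload(token: str) -> dict:
    """Decode a JWT's payload segment. No signature check: troubleshooting only."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected a compact JWT with 3 dot-separated segments")
    segment = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(segment))


def diagnose_groups_claim(claims: dict, claim_name: str = "groups") -> str:
    """Classify why a groups claim lookup would succeed or fail."""
    if claim_name in claims:
        return "present"
    # Azure AD replaces an oversized groups claim with a pointer
    # (_claim_names/_claim_sources) or, in some flows, a hasgroups flag.
    if claim_name in claims.get("_claim_names", {}) or claims.get("hasgroups"):
        return "overage"
    return "missing"


def make_sample_token(claims: dict) -> str:
    """Build an unsigned, constructed token for the demo below (not a real token)."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.constructed-signature"


# Constructed sample payloads; the object IDs and URL are placeholders.
SAMPLES = {
    "groups emitted": {"sub": "user-1", "groups": ["00000000-aaaa-bbbb-cccc-000000000001"]},
    "groups overage": {"sub": "user-2", "_claim_names": {"groups": "src1"},
                       "_claim_sources": {"src1": {"endpoint": "https://graph.example.invalid/placeholder"}}},
    "no groups claim": {"sub": "user-3", "upn": "user3@example.invalid"},
}

if __name__ == "__main__":
    for label, claims in SAMPLES.items():
        token = make_sample_token(claims)
        result = diagnose_groups_claim(decode_jwt_payload(token))
        print(f"{label:16} -> {result}; claims in token: {sorted(claims)}")
```

A result of `missing` points at the app registration's token configuration (no groups claim is being emitted); `overage` means the claim was replaced by a pointer and the groups have to be fetched separately.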