Waypoint oidc issues

I have installed waypoint on nomad with difficulty (ceph csi seems borked, cant specify minimum). I have the ui deployed behind traefik but when I set up oidc with keycloak it

 Provider.AuthURL: Provider.validRedirect: redirect URI https://waypoint-server.service.consul:9702/auth/oidc-callback: unauthorized redirect_uri 

even though I set keycloak to accept * for testing and I dont see an error in keycloak like I normally see when there is a redirect issue

it also does not work https://waypoint-server.service.consul:9702

Thanks for trying out the OIDC integration. Sorry to hear you’re experiencing this redirect URI issue.

Could you share the output of running waypoint auth-method inspect NAME?
(where NAME is the name you’ve given this auth method)
(with sensitive values redacted of course)

waypoint auth-method inspect keycloak
name: “keycloak”
display_name: “keycloak”
oidc: <
client_id: “dev-waypoint-client-oidc”
client_secret: “[REDACTED: client secret]”
discovery_url: “https://FQDN/auth/realms/test

Thanks for the help!

Hi,

Could you attempt re-adding the auth method using waypoint auth-method set with the following flag?

-allowed-redirect-uri=https://waypoint-server.service.consul:9702/auth/oidc-callback

Thank you!

Yep that solves it! Thanks couldn’t find that in the docs.

1 Like

Thank you, we will take note and update the docs!