-
Notifications
You must be signed in to change notification settings - Fork 24
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SSO: Invalid access token #136
Comments
What provider are you using? If you open the browser console (ctrl + shift + i) and click application > cookies, do you see a refresh token there? |
I use authentik. Yes i see a refresh token |
Also, is there a logout button anywhere in the frontend or am I just missing it? |
There is a logout button in Profile > Logout but I just noticed I never updated the code to remove oauth cookies. You'll have to open the browser console and delete the Ganymede cookies to fully logout. I was able to recreate the refresh token issue with the If you want an immediate fix you'll need to deploy an older image that works. If you do want to revert to an older version for this to work. Make a copy of your current data as rolling back could cause issues with any migrations that happened. I would make a new Authentik stack with new data folders or a copy of the old data folders. |
Without SSO:
Looking at the network the |
Can you enable debug in Also, open a new browser, or incognito window, sign in, and see if the auth cookies are set in the "Application" tab of the browser console. The non-sso cookies are named I haven't tried Authelia for SSO, did not know they had OIDC support. I'll take a look at it. |
No debug messages related to any errors in logs after setting |
If cookies do not persist after logging in it's probably an issue with the cookie domain var. Be sure to disable SSO and use the default auth to get this working first. What's your Looking at the network login request in the browser console may yield some info on if the cookies are not being set for some reason. |
My
|
One of the issues I noticed while trying to use Authelia, is that a
|
@noraemsu Was a solution for this ever found? I too am not getting a refresh token |
When using SSO as authentication source, it seems that the refresh token isn't used because after about an hour or so the webpage cant do anything that requires authentication anymore and every few seconds a red message appears that says that the access toke is invalid.
The text was updated successfully, but these errors were encountered: