SSO with Azure fails with: AADSTS700016: Application with identifier 'None' #1360
Unanswered
papanito
asked this question in
Getting Help
Replies: 1 comment 1 reply
-
|
Ok following up on this the credential should be in a file e-g- Does the file name matter? I updated the external secrets as follows apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret #gitleaks:allow
metadata:
name: netbox-sso
namespace: netbox
labels:
swisscard.ch/ea-app-id: "812"
spec:
data:
- remoteRef:
key: netbox-uat-sso-auth-key
conversionStrategy: Default
decodingStrategy: None
metadataPolicy: None
secretKey: key
- remoteRef:
key: netbox-uat-sso-auth-secret
conversionStrategy: Default
decodingStrategy: None
metadataPolicy: None
secretKey: secret
secretStoreRef:
kind: SecretStore
name: secret-store-kv-netsec
target:
name: netbox-sso
creationPolicy: Owner
deletionPolicy: Retain
template:
type: Opaque
data:
oidc-azuread.yaml: |
SOCIAL_AUTH_AZUREAD_OAUTH2_KEY: "{{ .key }}"
SOCIAL_AUTH_AZUREAD_OAUTH2_SECRET: "{{ .secret }}"Which now shows |
Beta Was this translation helpful? Give feedback.
1 reply
-
|
My current workaround is not to use And then map it with extraVolumes:
- name: netbox-sso-azuread
secret:
secretName: netbox-sso-azuread
items:
- key: extra-1.yaml
path: extra-1.yaml
extraVolumeMounts:
- name: netbox-sso-azuread
mountPath: "/run/config/extra/1/extra-1.yaml"
readOnly: true
subPath: extra-1.yaml |
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Following this topic I face a similar issue.
Problem
When clicking on "Microsoft Entra ID" on the login mask in netbox, and then entering the credentials in the page
https://login.microsoftonline.com/which was opened by netbox, we get the following error:Configuration
We deploy netbox in kubernetes using the helm chart. According to the following guidelines we he have the following setup:
values.yaml
netbox-sso.yaml
This is the secret referenced in the
extraConfigChecks
I can confirm that the
extraConfigis written to the respective config map:$ kubectl get cm netbox -oyaml ... extra-1.yaml: |- SOCIAL_AUTH_PIPELINE: - social_core.pipeline.social_auth.social_details - social_core.pipeline.social_auth.social_uid - social_core.pipeline.social_auth.social_user - social_core.pipeline.user.get_username - social_core.pipeline.social_auth.associate_by_email - social_core.pipeline.user.create_user - social_core.pipeline.social_auth.associate_user - netbox.authentication.user_default_groups_handler - social_core.pipeline.social_auth.load_extra_data - social_core.pipeline.user.user_details - netbox.sso_pipeline_roles.set_role ...The config is mapped
... volumeMounts: - mountPath: /run/config/extra/0 name: extra-config-0 readOnly: true - mountPath: /run/config/extra/1 name: extra-config-1 readOnly: true ... volumes: - configMap: defaultMode: 420 name: netbox name: config .... - name: extra-config-0 secret: defaultMode: 420 secretName: netbox-sso - configMap: defaultMode: 420 items: - key: extra-1.yaml path: extra-1.yaml name: netbox name: extra-config-1 ....The content of these files is what I expect.
Related discussion or issues
Beta Was this translation helpful? Give feedback.
All reactions