Description
Provider type
Authentik
Environment
System:
OS: Linux 6.12 Fedora Linux 41 (Workstation Edition)
CPU: (16) x64 Intel(R) Core(TM) i9-9900K CPU @ 3.60GHz
Memory: 10.27 GB / 31.24 GB
Container: Yes
Shell: 5.2.32 - /bin/bash
Binaries:
Node: 22.11.0 - /usr/bin/node
npm: 10.9.0 - /usr/local/bin/npm
pnpm: 9.15.4 - ~/.local/share/pnpm/pnpm
bun: 1.0.25 - ~/.bun/bin/bun
npmPackages:
next: ^14.2.23 => 14.2.23
next-auth: 5.0.0-beta.19 => 5.0.0-beta.19
react: ^18.3.1 => 18.3.1
Reproduction URL
https://github.com/gibbyb/Tech_Tracker_Web
Describe the issue
Currently the documentation says that you add the URL with the slug without a trailing slash explicitly, but it is actually the opposite in my experience. Authentik will not work without the trailing slash. You will receive this error:
OperationProcessingError: "response" body "issuer" does not match "expectedIssuer"
until you add that trailing slash. This is directly from my console.log I used for testing:
Configured issuer: https://auth.gibbyb.com/application/o/techtracker
Authentik returned issuer: https://auth.gibbyb.com/application/o/techtracker/
Once I added the trailing slash, Authentik worked perfectly.
How to reproduce
Add authentik provider, add environment variables including slug without the trailing slash, then try to sign in with authentik.
Expected behavior
The documentation should not explicitly state that the trailing slash should be removed, and perhaps should even say the opposite, depending on the experience others have had, but at least in my case, with Next.js App Router, the trailing slash was required. In my authentik web admin panel, it also lists the issuer with a trailing slash.