Error with openid connect


NIKHIL BHADANE

Jun 22, 2023, 3:27:40 AM
to Keycloak User
Hello Everyone,

I am trying to connect with Google authentication & OpenID Connect. I am getting an error when Keycloak tries to authenticate with the identity provider. It gives the error "Unexpected error when authenticating with identity provider".
Your suggestions would be a great help.
I am attaching a screenshot of the error & the logs of Keycloak.


keycloak error.png
ssl-handshake.png

Niko Köbler

Jun 22, 2023, 9:16:32 AM
to Keycloak User
Netiquette is also valid here, so if you crosspost your questions somewhere else, please mention this with the proper link(s).

Question was also asked here, answer is already given: https://github.com/keycloak/keycloak/discussions/21148

NIKHIL BHADANE

Jun 23, 2023, 2:47:08 AM
to Niko Köbler, Keycloak User
Hi Niko,

Sorry for creating the confusion.
Actually, I am not satisfied with the answer, and the question is closed now.
I was able to connect with the identity provider when internet access was provided to the Kubernetes cluster. I am facing the issue since we disabled the internet access.
We are publicly accessing Keycloak through an application gateway, & we are able to get a response from the identity provider to Keycloak; it redirects to the endpoint which we provided to the identity provider. We are facing an issue with the callback. Is there any way to make it private, or so that Keycloak should not call back?



Niko Köbler

Jun 23, 2023, 2:50:45 AM
to Keycloak User
As the answer in GitHub discussions mentioned: your Keycloak node(s) NEED access to the external IdP, that's how all that stuff works.
Period. There's no "...but..." and no way around.
As you already experienced: when giving your pods internet access, all this stuff works. So, you have your solution. It's the only one.
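
Added example, not part of the thread or of Keycloak's code: in the OIDC authorization code flow the browser handles the redirect to and from the IdP, but the relying party (here the Keycloak pods) calls the token, userinfo and JWKS endpoints server-to-server, which is the access the reply above refers to. The sketch derives those outbound targets from a discovery document; the sample document is constructed, and which of these endpoints a given broker configuration actually calls is an assumption to verify against your setup.

```python
import json
from urllib.parse import urlsplit

# Constructed sample in the shape of an OIDC discovery document
# (/.well-known/openid-configuration); load the IdP's real one in practice.
SAMPLE_DISCOVERY = json.loads("""
{
  "issuer": "https://accounts.google.com",
  "authorization_endpoint": "https://accounts.google.com/o/oauth2/v2/auth",
  "token_endpoint": "https://oauth2.googleapis.com/token",
  "userinfo_endpoint": "https://openidconnect.googleapis.com/v1/userinfo",
  "jwks_uri": "https://www.googleapis.com/oauth2/v3/certs"
}
""")

# Called server-to-server by the relying party (here: the Keycloak pods).
BACK_CHANNEL = ("token_endpoint", "userinfo_endpoint", "jwks_uri")
# Reached only through the user's browser via redirects.
FRONT_CHANNEL = ("authorization_endpoint",)


def _host_port(url):
    """Split an endpoint URL into (host, port), rejecting anything but HTTPS."""
    parts = urlsplit(url)
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError(f"refusing non-HTTPS or malformed endpoint: {url!r}")
    return parts.hostname, parts.port or 443


def egress_targets(discovery):
    """(host, port) pairs the pods need outbound access to."""
    return sorted({_host_port(discovery[k]) for k in BACK_CHANNEL if discovery.get(k)})


def browser_only_hosts(discovery):
    """Hosts that appear only in front-channel redirects, so need no pod egress."""
    back = {host for host, _ in egress_targets(discovery)}
    front = {_host_port(discovery[k])[0] for k in FRONT_CHANNEL if discovery.get(k)}
    return sorted(front - back)


if __name__ == "__main__":
    for host, port in egress_targets(SAMPLE_DISCOVERY):
        print(f"allow egress  {host}:{port}")
    for host in browser_only_hosts(SAMPLE_DISCOVERY):
        print(f"browser only  {host}")
```

The resulting host list is what an egress proxy or firewall rule for the cluster has to permit; the inbound path through the application gateway does not cover these calls.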
