URGENT: OIDC Authentication Loop Failure in DSpace 7.6.1 - Users Unable to Log In

24 views
Skip to first unread message

Humberto Blanco

unread,
Jul 8, 2025, 10:31:35 PM7/8/25
to DSpace Technical Support
  Hello DSpace-Tech group,

We are facing a critical authentication issue on our DSpace 7.6.1 instance that is preventing all users from logging in via OIDC, effectively halting repository operations.

We have configured OIDC authentication against Azure AD. The external authentication process with Azure completes successfully, but upon redirecting back to DSpace, the user is not recognized and is immediately returned to the login page, creating an infinite loop.

We have verified that the corresponding user accounts do exist in DSpace, so we expected a seamless login. Since this is our primary authentication method, our repository is currently inaccessible to our community.

Could you please provide urgent guidance on:

  1. Which specific parts of the OIDC authentication code we should inspect to diagnose this redirect/session recognition problem?

  2. How to enable detailed debug logging for the OIDC flow to trace the user's information as it's received and processed by DSpace?

Any help you can provide would be greatly appreciated. This is a high-priority issue for us.

Thank you,

DSpace Technical Support

unread,
Jul 16, 2025, 12:12:26 PM7/16/25
to DSpace Technical Support
Hi,

If you are still hitting this issue, my best advice is to use the Troubleshooting Guide to look for errors that may be occurring: https://wiki.lyrasis.org/display/DSPACE/Troubleshoot+an+error#Troubleshootanerror-DSpace7.x(orabove)

If you had this working previously, I'd also highly recommend looking at *what changed*.  If it worked, and suddenly it stopped working, then something must have changed.  It could be a change in the external OIDC site, or maybe something changed in DSpace.

Finally, more information on all the DSpace docs related to OIDC can be found at https://wiki.lyrasis.org/display/DSDOC7x/Authentication+Plugins#AuthenticationPlugins-OpenIDConnect(OIDC)Authentication    (I'm not able to easily answer your questions about "specific parts of code" because I'm not as familiar with this plugin.  But the main class appears to be the org.dspace.authenticate.OidcAuthentication Java class and the classes under "org.dspace.authenticate.oidc.*".)

I know those are very general advice, but that's what I'd recommend starting with.

Tim

Reply all
Reply to author
Forward
0 new messages