mirror of
https://github.com/actualbudget/actual.git
synced 2026-07-16 15:14:02 -05:00
[Bug]: Authelia OIDC config - request timed out #1758
Closed
opened 2026-02-28 19:53:58 -06:00 by GiteaMirror
·
3 comments
No Branch/Tag Specified
master
claude/verify-migration-guardrails-i82c8m
cross-version-sync-stage2
api-browser-custom-data-dir
dependabot/npm_and_yarn/npm_and_yarn-cd62b4b37a
tabedzki/feat/replacing-month-picker-with-day-picker
delay-initial-sync-until-loaded
jfdoming/mobile-app-build
cross-version-sync-compat
jfdoming/api-tokens-part-1
jfdoming/api-tokens-part-2
jfdoming/api-tokens-part-3
jfdoming/mobile-app-updates
claude/budget-version-migration-compat-151jlr
claude/worker-error-serialization-9iqtl7
claude/react-table-library-research-afx83z
claude/issue-8401-regression-test-9nw9l3
jfdoming/mobile-app-foundation-part-1
jfdoming/mobile-app-scaffold
release
ai-fix-cleanup-def-8290
claude/relaxed-shannon-jusywa
claude/fervent-keller-s6f2fq
claude/determined-feynman-st1y9z
claude/wizardly-einstein-vi2wce
claude/sweet-albattani-7nseio
feat/bank-sync-per-budget-file
claude/affectionate-cannon-y0kc82
claude/dependabot-findings-m9pgmb
claude/mac-app-ios-publish-zjs1lz
claude/vigilant-tesla-aiiyos
depot-migrate-secrets-1781296330308
claude/quirky-cerf-v5qck7
claude/animation-removal-alternative-2etfh1
claude/netlify-preview-comments-consolidate-9XPYa
osc/7391-error-boundaries-reports
claude/pensive-dijkstra-7DYui
claude/server-app-version-mismatch-HTCGv
claude/pr-8027-review-feedback-mELuO
claude/zealous-wozniak-e5pO0
claude/intelligent-heisenberg-BSHJq
claude/translation-download-refactor-jFRsO
claude/mobile-performance-ideas-G9PAO
claude/github-issue-7988-5A5ly
blacksmith-migration-ff70d2d
claude/great-mayer-KRvOk
claude/react-native-ios-compilation-fcJh5
claude/serene-goldberg-58xv0
claude/kind-euler-LVG3K
release-automation/edge-nightly
7710-bundle-migrations
claude/fix-docker-build-error-WMfed
claude/llm-compatible-release-notes-t20Nr
7710-tests-tdd
cursor/transaction-table-rewrite-f077
claude/plan-ci-secure-context-OtEe1
claude/fix-issue-7667-DPXi3
cursor/resolve-pr-7449-ee11
claude/fix-typescript-build-error-JPtZ5
copilot/add-repository-configs-to-packages
worktree-compressed-drifting-ritchie
claude/api-consumer-verification-kfz1K
pr-7454
claude/fix-issue-7410-LLLQ4
revert-7281-generate-icons
react-query-useSchedules
copilot/sub-pr-6140
package-upgrades
v26.7.0
v26.6.0
v26.5.2
v26.5.1
v26.5.0
v26.4.0
v26.3.0
v26.2.1
v26.2.0
v26.1.0
v25.12.0
v25.11.0
v25.10.0
v25.9.0
v25.8.0
v25.7.1
v25.7.0
v25.6.1
v25.6.0
v25.5.0
v25.4.0
v25.3.1
v25.3.0
v25.2.1
v25.2.0
v25.1.0
v24.12.0
v24.11.0
v24.10.1
v24.10.0
v24.9.0
v24.8.0
v24.7.0
v24.6.0
v24.5.0
v24.4.0
v24.3.0
v24.2.0
v24.1.0
v23.12.0
v23.11.0
v23.10.0
v23.9.0
v23.8.1
v23.8.0
v23.7.2
v23.7.1
v23.7.0
v23.6.0
v23.5.0
v23.4.2
v23.4.1
v23.4.0
v23.3.2
v23.3.0
v23.2.9
v23.2.5
v23.1.12
v22.12.9
Labels
Clear labels
AI generated
API
bank sync
budgeting
bug
can’t replicate
dependencies
docker
documentation
electron
experimental feature
feature
feedback
goal templates
good first issue
help wanted
importers
maintenance
needs info
needs testing
needs triage
needs votes
openid
payees
pull-request
regression
reports
responsive
rules
schedules
server
✨ merged
split transactions
tech debt
tech-support
theme
transaction import
transaction reconciliation
transactions
translations
upstream
user interface
✅ approved
wontfix
Mirrored from GitHub Pull Request
No Label
bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
No Assignees
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: github-starred/actual#1758
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @fredmorais on GitHub (Jan 9, 2025).
Verified issue does not already exist?
What happened?
I was trying the new OpenID feature with authelia but when I enable the feature I get an error in the UI. When checking the container's logs I see the following error:
Error setting up OpenID client: RPError: outgoing request timed out after 3500ms at /app/node_modules/openid-client/lib/helpers/request.js:140:13 at async Issuer.discover (/app/node_modules/openid-client/lib/issuer.js:143:22) at async setupOpenIdClient (file:///app/src/accounts/openid.js:53:9) at async bootstrapOpenId (file:///app/src/accounts/openid.js:26:5) at async enableOpenID (file:///app/src/account-db.js:132:20) at async file:///app/src/app-openid.js:30:20How can we reproduce the issue?
Actual Budget OpenID config:

Authelia config:
- id: actual_budget description: actual_budget secret: MY_SECRET public: false authorization_policy: one_factor audience: [] scopes: - openid - groups - email - profile redirect_uris: - https://budget.MY_DOMAIN.COM/openid/callback userinfo_signed_response_alg: none token_endpoint_auth_method: client_secret_basicFor the redirect_uris I also tried just https://budget.MY_DOMAIN.COM and it doesn't work. I considered it might be a network error but I have another container (not Actual) on the same network who is able to connect to authelia.MY_DOMAIN.COM just fine.
Where are you hosting Actual?
Docker
What browsers are you seeing the problem on?
Firefox
Operating System
Linux
@driniM3 commented on GitHub (Feb 23, 2025):
I am also seeing this bug using Authentik. I seem to be able to set up the openID connection after multiple tries but then cannot log in consistently.
OpenID grant failed: RPError: outgoing request timed out after 3500ms at /app/node_modules/openid-client/lib/helpers/request.js:140:13 at async /app/node_modules/openid-client/lib/helpers/issuer.js:35:26 at async Issuer.queryKeyStore (/app/node_modules/openid-client/lib/helpers/issuer.js:84:20) at async Client.validateJWT (/app/node_modules/openid-client/lib/client.js:1062:14) at async Client.validateIdToken (/app/node_modules/openid-client/lib/client.js:766:49) at async Client.callback (/app/node_modules/openid-client/lib/client.js:505:7) at async loginWithOpenIdFinalize (file:///app/src/accounts/openid.js:177:18) at async file:///app/src/app-openid.js:86:24If i spam the login button a bunch of times, sometimes it seems to make it through. Maybe increase the timeout to 30 seconds as that's what other apps seem to have it set to.
@SteinTokvam commented on GitHub (Apr 23, 2025):
I use Authelia sucessfully. In versions before 25.4.0 I had a config.json
See Authelia docs.
But in version 25.4.0 that config file broke for me, so I set the environment variables instead of using the config.json file which are:
ACTUAL_OPENID_DISCOVERY_URL for authelia url
ACTUAL_OPENID_CLIENT_ID for client id
ACTUAL_OPENID_CLIENT_SECRET for client secret
ACTUAL_OPENID_SERVER_HOSTNAME for your actual budget url
ACTUAL_OPENID_AUTH_METHOD set to oauth2
edit:
in actual version 25.4.0 the "issuer" field in config.json has changed to "discoveryURL"
@youngcw commented on GitHub (Jun 4, 2025):
Closing this as its old and there have been a number of updates to openID. If the issues persists please open a new ticket.