github-starred/vikunja
2
0
Fork 0
mirror of https://github.com/go-vikunja/vikunja.git synced 2026-03-22 13:05:43 -05:00
Code Issues 447 Packages Projects Releases 9 Wiki Activity

Unable to login via IdentityProvider Initiated #1903

New Issue
Closed
opened 2026-03-22 13:45:26 -05:00 by GiteaMirror · 5 comments
GiteaMirror commented 2026-03-22 13:45:26 -05:00
Owner
Copy Link

Originally created by @acelinkio on GitHub (Jan 8, 2024).

Description

I unable to login via identity provider (IDP) initiated. After clicking on launch icon inside of my identity provider, I am taken to the SP initiated login screen for Vikunja, https://tasks.mydomain.tld/login, instead of being logged into the application. Ideally that would automatically sign in to Vikunja.

Instead additional click is needed to start the service provider (SP) initiated login, which does work correctly.

Vakunja API Settings

config.yaml: |
  auth:
    openid:
      enabled: true
      redirecturl: https://tasks.mydomain.tld/auth/openid/
      providers:
        - name: authentik
          authurl: https://auth.mydomain.tld/application/o/vikunja/
          logouturl: https://auth.mydomain.tld/application/o/vikunja/end-session/
          clientid: vikunja
          clientsecret: "REDACTEDSECRETTOKEN"

Authentik version 2023.10.5
Settings configuration via Terraform

resource "authentik_provider_oauth2" "vikunja_ouath2" {
  name      = "vikunja"
  client_id = "vikunja"
  client_secret = "REDACTEDSECRETTOKEN"
  authorization_flow = data.authentik_flow.default-authorization-flow.id
  access_code_validity = "minutes=10"
  redirect_uris = [ "https://tasks.mydomain.tld/auth/openid/authentik"]
  signing_key = data.authentik_certificate_key_pair.generated.id
  property_mappings = [
    data.authentik_scope_mapping.openid.id,
    data.authentik_scope_mapping.email.id,
    data.authentik_scope_mapping.profile.id
  ]
}

resource "authentik_application" "vikunja_application" {
  name = authentik_provider_oauth2.vikunja_ouath2.name
  slug = authentik_provider_oauth2.vikunja_ouath2.name
  protocol_provider = authentik_provider_oauth2.vikunja_ouath2.id
  meta_icon = "https://kolaente.dev/avatars/dd73c49581a6904336c5d40fb66ef950?size=280"
  meta_launch_url = "https://tasks.mydomain.tld"
  policy_engine_mode = "all"
}

Vikunja Frontend Version

vikunja/frontend:0.22.0

Vikunja API Version

vikunja/api:0.22.0

Browser and version

No response

Can you reproduce the bug on the Vikunja demo site?

No

Screenshots

No response

Originally created by @acelinkio on GitHub (Jan 8, 2024). ### Description I unable to login via identity provider (IDP) initiated. After clicking on launch icon inside of my identity provider, I am taken to the SP initiated login screen for Vikunja, https://tasks.mydomain.tld/login, instead of being logged into the application. Ideally that would automatically sign in to Vikunja. Instead additional click is needed to start the service provider (SP) initiated login, which does work correctly. Vakunja API Settings ```yaml config.yaml: | auth: openid: enabled: true redirecturl: https://tasks.mydomain.tld/auth/openid/ providers: - name: authentik authurl: https://auth.mydomain.tld/application/o/vikunja/ logouturl: https://auth.mydomain.tld/application/o/vikunja/end-session/ clientid: vikunja clientsecret: "REDACTEDSECRETTOKEN" ``` Authentik version 2023.10.5 Settings configuration via Terraform ```hcl resource "authentik_provider_oauth2" "vikunja_ouath2" { name = "vikunja" client_id = "vikunja" client_secret = "REDACTEDSECRETTOKEN" authorization_flow = data.authentik_flow.default-authorization-flow.id access_code_validity = "minutes=10" redirect_uris = [ "https://tasks.mydomain.tld/auth/openid/authentik"] signing_key = data.authentik_certificate_key_pair.generated.id property_mappings = [ data.authentik_scope_mapping.openid.id, data.authentik_scope_mapping.email.id, data.authentik_scope_mapping.profile.id ] } resource "authentik_application" "vikunja_application" { name = authentik_provider_oauth2.vikunja_ouath2.name slug = authentik_provider_oauth2.vikunja_ouath2.name protocol_provider = authentik_provider_oauth2.vikunja_ouath2.id meta_icon = "https://kolaente.dev/avatars/dd73c49581a6904336c5d40fb66ef950?size=280" meta_launch_url = "https://tasks.mydomain.tld" policy_engine_mode = "all" } ``` ### Vikunja Frontend Version vikunja/frontend:0.22.0 ### Vikunja API Version vikunja/api:0.22.0 ### Browser and version _No response_ ### Can you reproduce the bug on the Vikunja demo site? No ### Screenshots _No response_
GiteaMirror commented 2026-03-22 13:45:27 -05:00
Author
Owner
Copy Link

@kolaente commented on GitHub (Jan 9, 2024):

This works as intended. If there are multiple auth methods, users need to be able to choose which one they use.

If you set the link to https://tasks.mydomain.tld/?redirectToProvider=true and have local auth disabled and have only one auth provider, it will automatically redirect the user to your Auth provider when they are not logged in.

This does not happen automatically because then users would be logged in again directly after they logged out.

@kolaente commented on GitHub (Jan 9, 2024): This works as intended. If there are multiple auth methods, users need to be able to choose which one they use. If you set the link to `https://tasks.mydomain.tld/?redirectToProvider=true` and have local auth disabled and have only one auth provider, it will automatically redirect the user to your Auth provider when they are not logged in. This does not happen automatically because then users would be logged in again directly after they logged out.
GiteaMirror commented 2026-03-22 13:45:29 -05:00
Author
Owner
Copy Link

@PeteKersker commented on GitHub (Dec 22, 2025):

I'm not sure how/where to ask, so I'll try here. Is this installed/available in Version: v1.0.0-rc3? If so, I'm probably doing something wrong.

  • OIDC works perfectly with Nextcloud OIDC for login, when i click the button on the login screen.
  • Autologin does not work when i navigate to https:my.vikunja.tld/?redirectToProvider
    ( I've tried =true, =1, and =myprovidername as well. I just get redirected to the /login page.)
    local is disabled. oidc is enabled with one provider defined.

Any thoughts/direction would be appreciated.

@PeteKersker commented on GitHub (Dec 22, 2025): I'm not sure how/where to ask, so I'll try here. Is this installed/available in Version: v1.0.0-rc3? If so, I'm probably doing something wrong. - OIDC works perfectly with Nextcloud OIDC for login, when i click the button on the login screen. - - Autologin does not work when i navigate to https:my.vikunja.tld/?redirectToProvider ( I've tried =true, =1, and =myprovidername as well. I just get redirected to the /login page.) local is disabled. oidc is enabled with one provider defined. Any thoughts/direction would be appreciated.
GiteaMirror commented 2026-03-22 13:45:29 -05:00
Author
Owner
Copy Link

@acelinkio commented on GitHub (Dec 22, 2025):

I faced the same issue when I was trying 1.0.0-rc2. https://community.vikunja.io/t/no-longer-able-to-login-via-oidc/3113/17

tldr the syntax changed
https://vikunja.io/docs/openid/#step-2-configure-vikunja

@acelinkio commented on GitHub (Dec 22, 2025): I faced the same issue when I was trying 1.0.0-rc2. https://community.vikunja.io/t/no-longer-able-to-login-via-oidc/3113/17 tldr the syntax changed https://vikunja.io/docs/openid/#step-2-configure-vikunja
GiteaMirror commented 2026-03-22 13:45:30 -05:00
Author
Owner
Copy Link

@PeteKersker commented on GitHub (Dec 23, 2025):

I faced the same issue when I was trying 1.0.0-rc2. https://community.vikunja.io/t/no-longer-able-to-login-via-oidc/3113/17

tldr the syntax changed https://vikunja.io/docs/openid/#step-2-configure-vikunja

Thanks for the insight. I did need to move to the new syntax to get the oidc login to work.
I tried adding the following two lines:
usernamefallback: true
emailfallback: true
Still, no success.

@PeteKersker commented on GitHub (Dec 23, 2025): > I faced the same issue when I was trying 1.0.0-rc2. https://community.vikunja.io/t/no-longer-able-to-login-via-oidc/3113/17 > > tldr the syntax changed https://vikunja.io/docs/openid/#step-2-configure-vikunja Thanks for the insight. I did need to move to the new syntax to get the oidc login to work. I tried adding the following two lines: usernamefallback: true emailfallback: true Still, no success.
GiteaMirror commented 2026-03-22 13:45:30 -05:00
Author
Owner
Copy Link

@PeteKersker commented on GitHub (Feb 14, 2026):

Just in case it helps, I finally stumbled upon a syntax that worked: https://my.vikunja.tld/login?redirectToProvider=true
All the other options listed in the documentation did not work.

Thank you for all your work. This product is great!

@PeteKersker commented on GitHub (Feb 14, 2026): Just in case it helps, I finally stumbled upon a syntax that worked: https://my.vikunja.tld/login?redirectToProvider=true All the other options listed in the documentation did not work. Thank you for all your work. This product is great!
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
area/api
area/caldav
area/filters
area/frontend
area/gantt
area/internal-code
area/typesense
bug
changes requested
confirmed
dependencies
enhancement
good first issue
help wanted
kind/bug
kind/feature
needs reproduction
pull-request
Mirrored from GitHub Pull Request
 question
security
support
upstream issue
waiting for reply
wontfix
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/vikunja#1903
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?