github-starred/vikunja
2
0
Fork 0
mirror of https://github.com/go-vikunja/vikunja.git synced 2026-06-01 22:56:32 -05:00
Code Issues 690 Packages Projects Releases 11 Wiki Activity

[GH-ISSUE #49] Error openid provider: 404 Not Found with azure active directory #5884

New Issue
Closed
opened 2026-04-20 16:17:41 -05:00 by GiteaMirror · 3 comments
GiteaMirror commented 2026-04-20 16:17:41 -05:00
Owner
Copy Link

Originally created by @fgionghi on GitHub (Sep 21, 2022).
Original GitHub issue: https://github.com/go-vikunja/vikunja/issues/49

Hi,
while trying to use azure as openid provider I'm getting the following error:
2022-09-21T09:29:00.599925016Z: ERROR ▶ openid/GetAllProviders 093 Error while getting openid provider azure: 404 Not Found

My vikunja config file is:

service:
  JWTSecret: "***"
log:
  level: "DEBUG"
auth:
  local:
    enabled: false
  openid:
    enabled: true
    redirecturl: https://vikunja.fbk.eu/auth/openid/
    providers:
      - name: azure
        authurl: https://login.microsoftonline.com/**/oauth2/v2.0/authorize
        clientid: **
        clientsecret: **

The authurl is what I found on azure in the Overview > Endpoints > OAuth 2.0 authorization endpoint (v2) section, and it has to be right because it is the same for every apps in my tenant (and I have other apps with that endpoint that are working). I also tried oauth v1 version.

The clientid is what azure called Application (client) id in the overview section.

For the clientsecret I firstly create a new client secret in the Certificates & secrets section then I tried bot the secret Value and the Secret ID.

On the web page I don't see any error or any attempts to redirect to the oauth auth url.

Since the error is not even find the provider I don't mention here redirect URI values. I think the error should be on the endpoint or clientid values.

Anyone has ever used azure AD as openid provider? Any suggestion? Thanks.

Originally created by @fgionghi on GitHub (Sep 21, 2022). Original GitHub issue: https://github.com/go-vikunja/vikunja/issues/49 Hi, while trying to use azure as openid provider I'm getting the following error: `2022-09-21T09:29:00.599925016Z: ERROR ▶ openid/GetAllProviders 093 Error while getting openid provider azure: 404 Not Found` My vikunja config file is: ``` service: JWTSecret: "***" log: level: "DEBUG" auth: local: enabled: false openid: enabled: true redirecturl: https://vikunja.fbk.eu/auth/openid/ providers: - name: azure authurl: https://login.microsoftonline.com/**/oauth2/v2.0/authorize clientid: ** clientsecret: ** ``` The `authurl` is what I found on azure in the `Overview > Endpoints > OAuth 2.0 authorization endpoint (v2)` section, and it has to be right because it is the same for every apps in my tenant (and I have other apps with that endpoint that are working). I also tried oauth v1 version. The `clientid` is what azure called `Application (client) id` in the overview section. For the `clientsecret` I firstly create a new client secret in the `Certificates & secrets` section then I tried bot the secret `Value` and the `Secret ID`. On the web page I don't see any error or any attempts to redirect to the oauth auth url. Since the error is not even find the provider I don't mention here `redirect URI` values. I think the error should be on the `endpoint` or `clientid` values. Anyone has ever used azure AD as openid provider? Any suggestion? Thanks.
GiteaMirror added the support label 2026-04-20 16:17:41 -05:00
GiteaMirror commented 2026-04-20 16:17:45 -05:00
Author
Owner
Copy Link

@kolaente commented on GitHub (Sep 21, 2022):

Vikunja uses the authurl to figure out all openid endpoints it needs. Therefore the endpoint should support a /.well-known/openid-configuration sub url.

For example, Gitlab provides these infos at https://gitlab.com/.well-known/openid-configuration - when setting up Vikunja to authenticate with Gitlab the authurl should be just https://gitlab.com and Vikunja will figure out the rest.

<!-- gh-comment-id:1253761544 --> @kolaente commented on GitHub (Sep 21, 2022): Vikunja uses the `authurl` to figure out all openid endpoints it needs. Therefore the endpoint should support a `/.well-known/openid-configuration` sub url. For example, Gitlab provides these infos at `https://gitlab.com/.well-known/openid-configuration` - when setting up Vikunja to authenticate with Gitlab the `authurl` should be just `https://gitlab.com` and Vikunja will figure out the rest.
GiteaMirror commented 2026-04-20 16:17:45 -05:00
Author
Owner
Copy Link

@fgionghi commented on GitHub (Sep 22, 2022):

Ok, now I got another error. Before of that: isn't it a little ambiguous to call authurl what it's actually is the openid configuration issuer? I'm totally not an expert of oauth and openid but it seems those terms have specific meanings.

However now I can press the Login with authentik button, I get redirect to the auth page, I login and once back on vikunja I got a red box with Could not authenticate against third party.. The users on authentik exists and are assigned to the vikunja app.

On the console tab I see POST https://vikunja.fbk.eu/api/v1/auth/openid/authentik/callback 400 (Bad Request).
Thank you.

<!-- gh-comment-id:1254703203 --> @fgionghi commented on GitHub (Sep 22, 2022): Ok, now I got another error. Before of that: isn't it a little ambiguous to call `authurl` what it's actually is the `openid configuration issuer`? I'm totally not an expert of oauth and openid but it seems those terms have specific meanings. However now I can press the `Login with authentik` button, I get redirect to the auth page, I login and once back on vikunja I got a red box with `Could not authenticate against third party.`. The users on authentik exists and are assigned to the vikunja app. On the console tab I see `POST https://vikunja.fbk.eu/api/v1/auth/openid/authentik/callback 400 (Bad Request)`. Thank you.
GiteaMirror commented 2026-04-20 16:17:46 -05:00
Author
Owner
Copy Link

@fgionghi commented on GitHub (Sep 22, 2022):

Ok, my fault. I had Could not authenticate against third party. error because I have a typo in the clientsecret. Tested also on azure and everything is working.
Thank you.

<!-- gh-comment-id:1254725303 --> @fgionghi commented on GitHub (Sep 22, 2022): Ok, my fault. I had `Could not authenticate against third party.` error because I have a typo in the clientsecret. Tested also on azure and everything is working. Thank you.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
area/api
area/attachments
area/auth
area/avatars
area/backup-restore
area/caldav
area/calendar-view
area/comments
area/config
area/database
area/desktop
area/docker
area/email
area/favorites
area/filters
area/frontend
area/gantt
area/i18n
area/import-export
area/internal-code
area/kanban
area/labels
area/list-view
area/mobile
area/notifications
area/permissions
area/projects
area/pwa
area/recurring-tasks
area/reminders
area/search
area/shortcuts
area/subtasks
area/sync
area/table-view
area/task-editor
area/task-metadata
area/task-relations
area/teams
area/theming
area/time-tracking
area/typesense
area/views
area/webhooks
bug
changes requested
concern/accessibility
concern/performance
concern/regression
concern/ux
confirmed
db/mysql
dependencies
enhancement
good first issue
help wanted
integration/inbound
integration/outbound
kind/bug
kind/feature
needs reproduction
pull-request
Mirrored from GitHub Pull Request
 question
security
support
upstream issue
waiting for reply
wontfix
No Label support
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/vikunja#5884
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?