https://flyte.org logo
Powered by
#ask-the-community
Title
# ask-the-community
l

Laura Lin

05/02/2023, 6:19 PM
Running into issues with flytepropeller and flytescheduler when trying to setup okta authentication using OpenId https://docs.flyte.org/en/latest/deployment/configuration/auth_setup.html#openid-connect flytepropeller complaining 
{"json":{"exec_id":"avjrcs5qwjzgnwz7cxfs","ns":"flytetester-development","res_ver":"76272166","routine":"worker-1","wf":"flytetester:development:<http://turbine_flyte.example.wf|turbine_flyte.example.wf>"},"level":"warning","msg":"Event recording failed. Error [EventSinkError: Error sending event, caused by [rpc error: code = Unauthenticated desc = transport: per-RPC creds failed due to error: oauth2: cannot fetch token: 401 Unauthorized\nResponse: {\"error\":\"invalid_client\",\"error_description\":\"Client authentication failed (e.g., unknown client, no client authentication included, or unsupported authentication method).\"}]]","ts":"2023-05-02T18:07:36Z"}
saw this thread https://flyte-org.slack.com/archives/CP2HDHKE1/p1676910082719799 but the PR is closed
Copy code
# -- If enabled is true, helm will create and manage `flyte-secret-auth` and populate it with `clientSecret`.
    # If enabled is false, it's up to the user to create `flyte-secret-auth` as described in
    # <https://docs.flyte.org/en/latest/deployment/cluster_config/auth_setup.html#oauth2-authorization-server>
so shouldn't this internal secret access stuff work out of the box?
d

David Espejo (he/him)

05/02/2023, 7:08 PM
hi @Laura Lin As a follow up to that thread, Alex shared his deployment which uses Okta with OpenID and self authorization: https://github.com/alexifm/flyte-eks-deployment Not sure if that's helpful for you tho
l

Laura Lin

05/02/2023, 7:50 PM
still running into the same error even after adding the staticClients and the client_secret
ah I got it. its the bcrypt part I was missing
17 Views
Powered by