Flyte enables production-grade orchestration for machine learning workflows and data processing created to accelerate local workflows to production.

Flyte

Hi all,
 we have deployed flyte-core with Helm chart on k8s .

We setup the OIDC layer with Keycloak , the login is fine but the scheduler doesn't want to run .. It has a 'invalid client' issue .

We don't unsderstand why since it seems to be using the same client (seen in the configmap). than the UI client.
```apiVersion: v1
data:
  admin.yaml: |
    admin:
      clientId: 'flyte'
      clientSecretLocation: /etc/secrets/client_secret
      endpoint: flyteadmin:81
      insecure: true```

Hi <@U062W1CSYD7>

There's a previous thread around missing info in the docs for flyte-binary using Keycloak as IDP (see <https://flyte-org.slack.com/archives/CP2HDHKE1/p1693218949341099|here>). While your deployment is different, I hope you find something useful there. I'll be working to reproduce and update the docs accordingly.

I guess the only `clientID` you changed is the one under the `userAuth` section right?
<https://github.com/flyteorg/flyte/blob/4fc4988400b9f448f61fe796d5252c1aa075fe6f/charts/flyte-core/values-keycloak-idp-flyteclients-without-browser.yaml#L542-L553|https://github.com/flyteorg/flyte/blob/4fc4988400b9f448f61fe796d5252c1aa075fe6f/ch[…]lyte-core/values-keycloak-idp-flyteclients-without-browser.yaml>

YEs exactly , I only change the one under userAuth.

can you share the relevant sections from the configmap? It's curious that the scheduler is the one having issues as auth flows go through `flyteadmin`