Hi, everyone. Has someone used Keycloak as an external authorization server on Flyte? I followed the Flyte doc at the https://docs.flyte.org/en/latest/deployment/cluster_config/auth_setup.html#deployment-cluster-config-auth-setup to configure the clients and secrets and also defined the audience as mentioned in the issue (https://github.com/flyteorg/flyte/issues/2606). However, FlytePropeller has an error when I launch workflows in Flyte. I think the error is related to the FlyteAdmin events component (https://docs.flyte.org/en/latest/concepts/component_architecture/flytepropeller_architecture.html#flyteadmin-events) on FlytePropeller according to the following error message: EventSinkError: Error sending event, caused by [rpc error: code = Unauthenticated desc = transport: per-RPC creds failed due to error: oauth2: cannot fetch token:

Yes you need a client secret for propeller to be configured. Cc @Sören Brunk ? I think you have to restart propeller after you make the config change

@Sören Brunk @Neal Feierabend would you be able to help?

Yes, propeller currently does not pick up these config changes at runtime so I'd first try to restart it as @Ketan (kumare3) has suggested.