I've got a problem with Okta as my OIDC provider.
I have a working setup using an
auth0
sandbox account but my company uses okta internally.
The only thing I change between the working auth0 setup and the not working okta setup in Flyte are the
clientID
,
client_secret
and the
base_url
.
I setup a web application in okta with OIDC and see the following errors in the
flyte-backend-binary
logs:
<domain> is the real and correct domain in reality
{"json":{"src":"cookie.go:77"},"level":"info","msg":"Could not detect existing cookie [flyte_idt]. Error: http: named cookie not present","ts":"2024-08-23T13:47:37Z"}
{"json":{"src":"handlers.go:86"},"level":"error","msg":"Failed to retrieve tokens from request, redirecting to login handler. Error: [EMPTY_OAUTH_TOKEN] Failure to retrieve cookie [flyte_idt], caused by: http: named cookie not present","ts":"2024-08-23T13:47:37Z"}
{"json":{"src":"handlers.go:142"},"level":"debug","msg":"Setting CSRF state cookie to ka030rzmgc and state to 96c2493a0c36ca18f2fa54081e234def57f83e3edb7dca8ef3c90a30fc6b4e0d\n","ts":"2024-08-23T13:47:37Z"}
{"json":{"src":"handler_utils.go:169"},"level":"debug","msg":"validating whether redirect url: https://<domain>/console/select-project is authorized","ts":"2024-08-23T13:47:37Z"}
{"json":{"src":"handler_utils.go:172"},"level":"debug","msg":"authorizing redirect url: https://<domain>/console/select-project against authorized uri: <domain>","ts":"2024-08-23T13:47:37Z"}
I tested this on
flyte-binary 1.13.0
so I don't think it is
this issue