Hi, I'm trying to add authentication to Flyte deployment, and after configuring oauth, all my pods s...

shy-morning-17240

07/25/2025, 11:35 AM

Hi, I'm trying to add authentication to Flyte deployment, and after configuring oauth, all my pods start-up normally, except for flytescheduler pod, which errors out with:

Copy code

panic: authentication error! Original Error: <nil>, Auth Error: failed to issue token. Error: failed to get new token: failed to get new token: oauth2: "invalid_client" "Client authentication failed (e.g., unknown client, no client authentication included, or unsupported authentication method)."

Why could this be happening?

shy-morning-17240

07/25/2025, 11:40 AM

Looking at flyteadmin logs, even though flyteadmin has status running, the logs also show the following message

Copy code

{
  "json": {},
  "level": "error",
  "msg": "Failed to retrieve tokens from request, redirecting to login handler. Error: [EMPTY_OAUTH_TOKEN] Failure to retrieve cookie [flyte_idt], caused by: http: named cookie not present",
  "ts": "2025-07-25T11:28:20Z"
}

average-finland-92144

07/28/2025, 10:34 AM

@shy-morning-17240 yes, flytescheduler has an init container that checks connection to admin. When you enable auth, that connection needs to go through it as a regular client so it's a good indicator when something is wrong with the auth flow

average-finland-92144

07/28/2025, 10:35 AM

Is this with the internal authz server or external? Could you share your config?

shy-morning-17240

07/30/2025, 12:12 PM

It's an external auth server, but I managed to figure out the issue related to the hashed secret key being incorrect, thanks!

💪🏽 1

7 Views

Open in Slack

Previous Next

Flyte

Flyte enables production-grade orchestration for machine learning workflows and data processing created to accelerate local workflows to production.