F

Flyte enables you to build & deploy data & ML pipelines, hassle-free. The infinitely scalable and flexible workflow orchestration platform that seamlessly unifies data, ML and analytics stacks. Explore and Join the Flyte Community!

Flyte Core Chart Keycloak Setup Issues

Summary

The user is setting up the Flyte core chart with Keycloak and an internal authorization server, intending to switch the authorization server later. They are facing UI authentication issues, specifically with the Flyteadmin pod, which is experiencing token retrieval errors due to a missing cookie. Accessing the web UI results in an "Authorization Required" message, and clicking the sign-in button leads to a 403 error with a missing parameter in the callback URL. Logs show repeated token retrieval failures and an "invalid_grant" error during the OAuth2 code exchange. The user has shared parts of their values file, detailing configurations for OAuth client credentials, server security settings, and authorized URIs. They discovered that disabling PKCE resolves the issues but prefer to keep it enabled and are seeking configuration options to support it, noting that something seems to be missing from the client side.

Status
open
Tags
    Source
    #flyte-deployment