Summary
The user is having trouble configuring flytectl after adding authentication, specifically with setting up a responsive endpoint. They confirm that the UI requires authentication and works with their Cognito setup, but they are struggling with the DNS address in the config file. The user is encountering errors related to token retrieval from the cache and issues starting the callback HTTP server due to a missing port. They are looking for example documentation or assistance to resolve these issues and have configured their callback to use their domain instead of localhost.
habuelfutuh
Do you have ingress setup as well? otherwise the server (flyteadmin) listens on two different ports (one for http and one for grpc)
habuelfutuh
Hey <@U07GE1Q0648>, can you clarify what you mean by configuring an endpoint that responds?
If you use the UI, does it prompt you for auth now?
The flytectl config should looks something like this:
# Update with the Flyte's ingress endpoint (e.g. flyteIngressIP for sandbox or <http://example.foobar.com|example.foobar.com>)
# You must keep the 3 forward-slashes after dns:
endpoint: dns:///<Flyte ingress url>
# Update auth type to `Pkce` or `ClientSecret`
authType: Pkce
# Set to the clientId (will be used for both Pkce and ClientSecret flows)
# Leave empty to use the value discovered through flyteAdmin's Auth discovery endpoint.
clientId: <Id>
# Set to the location where the client secret is mounted.
# Only needed/used for `ClientSecret` flow.
clientSecretLocation: </some/path/to/key>```