boundary
boundary copied to clipboard
hashicorp
Authentication to Auth Methods in Scope fails
Describe the bug When I create an OIDC authentication method in an Organization scope with same parameters as in the global scope, authentication fails for the authentication method in the Organization scope
To Reproduce Steps to reproduce the behavior:
- Run
boundary authenticate ... - Run
boundary scopes create -description "Organization A" -name OrgA, get id o_wNvZ5G8EIr - Run
boundary auth-methods create oidc -name auth0 -description "Authenticate with Auth0" -scope-id o_wNvZ5G8EIr ...- parameters are identical to the auth-method in the global scope, get id amoidc_QKY1VdjoaM - Run
boundary authenticate oidc -auth-method-id amoidc_QKY1VdjoaMgives error `Error from controller when performing authentication start
Error information: Kind: Internal Message: authmethod_service.(Service).authenticateOidcStart: Error generating parameters for starting the OIDC flow. See the controller's log for more information.: unknown: error #500 Status: 500 context: Error from controller when performing authentication start`
Authentication to global scope works. In the "Sign In" dialogue of the web page only the "Global" and "Generated org scope" are listed, not scopes created by step 2 or project scopes below that.
Expected behavior Authentication to auth-methods in scopes under global should be possible. Scopes should be listed in the "Sign In" dialogue.
Additional context Boundary version v0.12.1
I'm unable to reproduce this issue. See my comment on your other open issue: https://github.com/hashicorp/boundary/issues/3222#issuecomment-1546618302
Also I can see the auth method list for authen in the UI.
BTW, is your new auth method in a state of "public"? I'm not sure the UI lists non-public auth methods....
