camunda-platform-helm [ISSUE] console SM scope is not configurable in OIDC environment

[ISSUE] console SM scope is not configurable in OIDC environment

Open jessesimpson36 opened this issue 5 months ago • 0 comments

Describe the issue:

When trying to set up camunda with separated ingress, console SM enabled, and OIDC via azure, I got the following error:

2024-09-23-135049_grim

Request Id: f532af19-f5d3-4265-bacb-56702cb37000 Correlation Id: bf4bd00c-461e-449b-b43a-ed78a5117db9 Timestamp: 2024-09-23T17:48:50Z Message: AADSTS70011: The provided request must include a 'scope' input parameter. The provided value for the input parameter 'scope' is not valid. The scope openid email profile console/.default is not valid. The scope format is invalid. Scope must be in a valid URI form https://example/scope or a valid Guid <guid/scope>.

I noticed that zeebe has a parameter called global.identity.auth.zeebe.tokenScope to customize this URL parameter, but there is no such option for console SM.

Actual behavior:

Expected behavior:

How to reproduce:

Logs:

Environment:

Please note: Without the following info, it's hard to resolve the issue and probably it will be closed.

Platform:
Helm CLI version:
Chart version:
Values file:

Sep 23 '24 17:09 jessesimpson36

camunda-platform-helm camunda-platform-helm copied to clipboard

[ISSUE] console SM scope is not configurable in OIDC environment

camunda-platform-helm
camunda-platform-helm copied to clipboard