
Netbird doesn't work with Keycloak with LDAPS for Account Delegation

Open michelangelo136 opened this issue 1 year ago • 17 comments

Describe the problem

While running Netbird with Keycloak I can authenticate and connect while using the local accounts, but when I enable account federation with LDAPS on Keycloak, the authentication stops working and I can no longer log in or use Netbird.

To Reproduce

Steps to reproduce the behavior:

  1. Install the latest Netbird version with the script
  2. Connect Netbird with Keycloak
  3. Keycloak has LDAPS account federation enabled
  4. Try to connect to Netbird with SSO
  5. After authenticating with Keycloak, see the Netbird loading screen with no responses.
  6. Get the screen popup error: "Request failed with status code 401 Error: Token invalid"

Expected behavior

The Netbird dashboard should load.

Are you using NetBird Cloud?

No, Netbird selfhosted

NetBird version

0.28.3

Additional context

Netbird works if Keycloak doesn't use LDAPS federated users; when adding the federated users it stops working. I also get the following error sometimes:

ERRO management/server/http/middleware/auth_middleware.go:88: Error when validating JWT claims: Get "https://admin-keycloak.example.com:443/admin/realms/netbird/users?max=150": unexpected EOF

michelangelo136, Jun 27 '24 13:06