2022-09-29T17:35:08.984790153Z: ERROR ▶ openid/HandleCallback 09e oauth2: cannot fetch token: 400 Bad Request
Response: {"error": "invalid_client", "error_description": "Client authentication failed (e.g., unknown client, no client authentication included, or unsupported authentication method)"}
This is the error in the backend’s logs.
The client ID and secret both match in my SSO and Vikunja, I’ve checked this numerous times and even redone is on the SSO side, with new client ID’s and secrets. However, if I change the client ID, when I browse to the login page and try to login via oAuth, Vikunja tries to refer me back to my SSO provider with the old client ID?
auth:
openid:
# The url to redirect clients to. Defaults to the configured frontend url. If you're using Vikunja with the official
# frontend, you don't need to change this value.
# **Note:** The redirect url must exactly match the configured redirect url with the third party provider.
# This includes all slashes at the end or protocols.
redirecturl: <frontend url>
Following the instructions in the comments, I didn’t modify the redirecturl, which cause the vikunja directly using <frontend url>authentiklogin as redirect URL (should be https://plan.caomingjun.com/auth/openid/authentiklogin in my vikunja instance). I found this problem in the authentik logs.
What’s more, in the url in my browser, the redirect_uri is still correct, so there must be somewhere when the vikunja backend communicates with authentik it used <frontend url>authentiklogin, which be recorded in the log of authentik.
