Skip to content

[Bug] Cant create sso integration with Keycloak #1

Open
Open
[Bug] Cant create sso integration with Keycloak#1
@FaraSys

Description

@FaraSys
FaraSys
opened on Feb 26, 2026

Component

  • Backend (API)

Describe the Bug

Steps to Reproduce

  1. Go to keycloak and create client. Assign client scope.
  2. Copy Client Secrets and Client Id and set to .env file
  3. Start containers and try login VIA SSO. Application redirect to Keycloak windows. Input creds in keyalock windows. After returning to astradraw, login failed
  4. See error in api container logs

Expected Behavior

Actual Behavior

Screenshots

Environment

  • Deployment type: Docker
  • AstraDraw version: 1.0.1
  • Browser: All
  • OS: Windows 11, Debian 13, Ubuntu 22
  • Docker version: 29.2.1

Logs

API Container

Thu, 26 Feb 2026 12:33:49 GMT express:router dispatching GET /api/v2/auth/callback?state=eyJzdGF0ZSI6Ii8iLCJjb2RlVmVyaWZpZXIiOiJvSWNELWZUZzdfSjFMMW00b3lvd3ZkWmpwVlVVbWEyZFM2c09OS2xidENZIn0&iss=https%3A%2F%2Fkeycloak.domain.net%2Frealms%2Fstest&code=633c1b59-b40f-4459-8173-4de010ce454c.9e18dc60-c12e-4bca-80f7-eb0d0d6be744.ab1a74c8-6670-465d-b4ad-7c213fec913a
Thu, 26 Feb 2026 12:33:49 GMT express:router query  : /api/v2/auth/callback?state=eyJzdGF0ZSI6Ii8iLCJjb2RlVmVyaWZpZXIiOiJvSWNELWZUZzdfSjFMMW00b3lvd3ZkWmpwVlVVbWEyZFM2c09OS2xidENZIn0&iss=https%3A%2F%2Fkeycloak.domain.net%2Frealms%2Fstest&code=633c1b59-b40f-4459-8173-4de010ce454c.9e18dc60-c12e-4bca-80f7-eb0d0d6be744.ab1a74c8-6670-465d-b4ad-7c213fec913a
Thu, 26 Feb 2026 12:33:49 GMT express:router expressInit  : /api/v2/auth/callback?state=eyJzdGF0ZSI6Ii8iLCJjb2RlVmVyaWZpZXIiOiJvSWNELWZUZzdfSjFMMW00b3lvd3ZkWmpwVlVVbWEyZFM2c09OS2xidENZIn0&iss=https%3A%2F%2Fkeycloak.domain.net%2Frealms%2Fstest&code=633c1b59-b40f-4459-8173-4de010ce454c.9e18dc60-c12e-4bca-80f7-eb0d0d6be744.ab1a74c8-6670-465d-b4ad-7c213fec913a
Thu, 26 Feb 2026 12:33:49 GMT express:router cookieParser  : /api/v2/auth/callback?state=eyJzdGF0ZSI6Ii8iLCJjb2RlVmVyaWZpZXIiOiJvSWNELWZUZzdfSjFMMW00b3lvd3ZkWmpwVlVVbWEyZFM2c09OS2xidENZIn0&iss=https%3A%2F%2Fkeycloak.domain.net%2Frealms%2Fstest&code=633c1b59-b40f-4459-8173-4de010ce454c.9e18dc60-c12e-4bca-80f7-eb0d0d6be744.ab1a74c8-6670-465d-b4ad-7c213fec913a
Thu, 26 Feb 2026 12:33:49 GMT express:router corsMiddleware  : /api/v2/auth/callback?state=eyJzdGF0ZSI6Ii8iLCJjb2RlVmVyaWZpZXIiOiJvSWNELWZUZzdfSjFMMW00b3lvd3ZkWmpwVlVVbWEyZFM2c09OS2xidENZIn0&iss=https%3A%2F%2Fkeycloak.domain.net%2Frealms%2Fstest&code=633c1b59-b40f-4459-8173-4de010ce454c.9e18dc60-c12e-4bca-80f7-eb0d0d6be744.ab1a74c8-6670-465d-b4ad-7c213fec913a
Thu, 26 Feb 2026 12:33:49 GMT express:router jsonParser  : /api/v2/auth/callback?state=eyJzdGF0ZSI6Ii8iLCJjb2RlVmVyaWZpZXIiOiJvSWNELWZUZzdfSjFMMW00b3lvd3ZkWmpwVlVVbWEyZFM2c09OS2xidENZIn0&iss=https%3A%2F%2Fkeycloak.domain.net%2Frealms%2Fstest&code=633c1b59-b40f-4459-8173-4de010ce454c.9e18dc60-c12e-4bca-80f7-eb0d0d6be744.ab1a74c8-6670-465d-b4ad-7c213fec913a
Thu, 26 Feb 2026 12:33:49 GMT body-parser:json skip empty body
Thu, 26 Feb 2026 12:33:49 GMT express:router urlencodedParser  : /api/v2/auth/callback?state=eyJzdGF0ZSI6Ii8iLCJjb2RlVmVyaWZpZXIiOiJvSWNELWZUZzdfSjFMMW00b3lvd3ZkWmpwVlVVbWEyZFM2c09OS2xidENZIn0&iss=https%3A%2F%2Fkeycloak.domain.net%2Frealms%2Fstest&code=633c1b59-b40f-4459-8173-4de010ce454c.9e18dc60-c12e-4bca-80f7-eb0d0d6be744.ab1a74c8-6670-465d-b4ad-7c213fec913a
Thu, 26 Feb 2026 12:33:49 GMT body-parser:urlencoded skip empty body
Thu, 26 Feb 2026 12:33:49 GMT express:router trim prefix (/api/v2/auth/callback) from url /api/v2/auth/callback?state=eyJzdGF0ZSI6Ii8iLCJjb2RlVmVyaWZpZXIiOiJvSWNELWZUZzdfSjFMMW00b3lvd3ZkWmpwVlVVbWEyZFM2c09OS2xidENZIn0&iss=https%3A%2F%2Fkeycloak.domain.net%2Frealms%2Fstest&code=633c1b59-b40f-4459-8173-4de010ce454c.9e18dc60-c12e-4bca-80f7-eb0d0d6be744.ab1a74c8-6670-465d-b4ad-7c213fec913a
Thu, 26 Feb 2026 12:33:49 GMT express:router <anonymous> /api/v2/auth/callback : /api/v2/auth/callback?state=eyJzdGF0ZSI6Ii8iLCJjb2RlVmVyaWZpZXIiOiJvSWNELWZUZzdfSjFMMW00b3lvd3ZkWmpwVlVVbWEyZFM2c09OS2xidENZIn0&iss=https%3A%2F%2Fkeycloak.domain.net%2Frealms%2Fstest&code=633c1b59-b40f-4459-8173-4de010ce454c.9e18dc60-c12e-4bca-80f7-eb0d0d6be744.ab1a74c8-6670-465d-b4ad-7c213fec913a
Thu, 26 Feb 2026 12:33:49 GMT body-parser:raw skip empty body
[Nest] 106  - 02/26/2026, 12:33:49 PM   ERROR [AuthController] Callback error: invalid response encountered
Thu, 26 Feb 2026 12:33:50 GMT express:router dispatching GET /api/v2/auth/status
Thu, 26 Feb 2026 12:33:50 GMT express:router query  : /api/v2/auth/status
Thu, 26 Feb 2026 12:33:50 GMT express:router expressInit  : /api/v2/auth/status
Thu, 26 Feb 2026 12:33:50 GMT express:router cookieParser  : /api/v2/auth/status
Thu, 26 Feb 2026 12:33:50 GMT express:router corsMiddleware  : /api/v2/auth/status
Thu, 26 Feb 2026 12:33:50 GMT express:router jsonParser  : /api/v2/auth/status
Thu, 26 Feb 2026 12:33:50 GMT body-parser:json skip empty body
Thu, 26 Feb 2026 12:33:50 GMT express:router urlencodedParser  : /api/v2/auth/status
Thu, 26 Feb 2026 12:33:50 GMT body-parser:urlencoded skip empty body
Thu, 26 Feb 2026 12:33:50 GMT express:router trim prefix (/api/v2/auth/status) from url /api/v2/auth/status
Thu, 26 Feb 2026 12:33:50 GMT express:router <anonymous> /api/v2/auth/status : /api/v2/auth/status
Thu, 26 Feb 2026 12:33:50 GMT body-parser:raw skip empty body

Browser console:

authApi.ts:83 
 GET https://astra.domain.net/api/v2/auth/me 401 (Unauthorized)
Y$	@	authApi.ts:83
(anonymous)	@	AuthContext.tsx:86
await in (anonymous)		
(anonymous)	@	AuthContext.tsx:118
AuthContext.tsx:105 Auth error: auth_failed
(anonymous)	@	AuthContext.tsx:105
await in (anonymous)		
(anonymous)	@	AuthContext.tsx:118

Additional Context

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions