https://datahubproject.io logo
Join Slack
Powered by
@here I am trying to integrate okta. Login is work...
# troubleshoot
g
@here I am trying to integrate okta. Login is working but groups are not getting created. Any pointers to debug it further?
Copy code
5:42:54 [application-akka.actor.default-dispatcher-11] DEBUG auth.sso.oidc.OidcCallbackLogic - Extracted user that does not yet exist urn:li:corpuser:atul.atri+2@chegg.com. Provisioning...
15:42:54 [R2 Nio Event Loop-1-1] DEBUG c.l.r.t.h.c.rest.RAPResponseHandler - datahub-datahub-gms/172.20.46.42:8080: handling a response
15:42:54 [application-akka.actor.default-dispatcher-11] DEBUG auth.sso.oidc.OidcCallbackLogic - Successfully provisioned user urn:li:corpuser:atul.atri+2@chegg.com
15:42:54 [application-akka.actor.default-dispatcher-11] DEBUG auth.sso.oidc.OidcCallbackLogic - User urn:li:corpuser:atul.atri+2@chegg.com already exists. Skipping provisioning
15:42:54 [application-akka.actor.default-dispatcher-11] DEBUG auth.sso.oidc.OidcCallbackLogic - Attempting to extract groups from OIDC profile {at_hash=hrHigmHXqBL3Tp3ImVZ9YQ, sub=00u6di1t1gvuPN9hK5d7, zoneinfo=America/Los_Angeles, ver=1, email_verified=true, amr=["pwd"], id_token=<redacted>, iss=<https://dev>-<redacted>.<http://okta.com|okta.com>, groups=["datahub-nonprod-editors","datahub-nonprod-viewers","Everyone"], preferred_username=atul.atri+2@chegg.com, locale=en_US, given_name=Atul2, token_expiration_advance=-1, aud=[<redacted>], updated_at=Fri Sep 02 13:46:57 GMT 2022, idp=00o41aqbxbZt5AICt5d7, auth_time=Fri Sep 02 14:04:48 GMT 2022, name=Atul2 Atri2, exp=Fri Sep 02 16:42:53 GMT 2022, family_name=Atri2, iat=Fri Sep 02 15:42:53 GMT 2022, email=atul.atri+2@chegg.com, jti=ID.S7Urdn5bMJqyJCUmDW77fUCE8pgur39azoC6plOwjOs}
15:42:54 [application-akka.actor.default-dispatcher-11] DEBUG auth.sso.oidc.OidcCallbackLogic - Attempting to provision groups with urns []
15:42:54 [application-akka.actor.default-dispatcher-11] DEBUG auth.sso.oidc.OidcCallbackLogic - Fetched GMS groups with urns []
15:42:54 [application-akka.actor.default-dispatcher-11] DEBUG auth.sso.oidc.OidcCallbackLogic - Provisioning groups with urns []
15:42:54 [R2 Nio Event Loop-1-1] DEBUG c.l.r.t.h.c.rest.RAPResponseHandler - datahub-datahub-gms/172.20.46.42:8080: handling a response
15:42:54 [application-akka.actor.default-dispatcher-11] DEBUG auth.sso.oidc.OidcCallbackLogic - Successfully provisioned groups with urns []
15:42:54 [application-akka.actor.default-dispatcher-11] DEBUG auth.sso.oidc.OidcCallbackLogic - Updating group membership for user urn:li:corpuser:atul.atri+2@chegg.com
15:42:54 [R2 Nio Event Loop-1-1] DEBUG c.l.r.t.h.c.rest.RAPResponseHandler - datahub-datahub-gms/172.20.46.42:8080: handling a response
15:42:54 [R2 Nio Event Loop-1-1] DEBUG c.l.r.t.h.c.rest.RAPResponseHandler - datahub-datahub-gms/172.20.46.42:8080: handling a response
It worked for me I was setting AUTH_OIDC_GROUPS_CLAIM incorrectly
c
Hey Atul, I am running into a similar issue, could you tell me the resolution you came to?
4 Views
Open in Slack
PreviousNext
Powered by