starred/planka-plankanban
1
0
Fork 0
mirror of https://github.com/plankanban/planka.git synced 2026-05-04 18:00:55 +03:00
Code Issues 398 Packages Projects Releases 10 Wiki Activity

[Bug]: OIDC with Keyclock - fails with unknown ISS #913

New Issue
Open
opened 2026-02-05 18:54:02 +03:00 by OVERLORD · 2 comments
OVERLORD commented 2026-02-05 18:54:02 +03:00
Owner
Copy Link

Originally created by @aneillans on GitHub (Feb 5, 2026).

Where is the problem occurring?

None

What browsers are you seeing the problem on?

Microsoft Edge

Current behavior

Configured for enforced OIDC with Keycloak, following the settings detailed in the wiki
When trying to login with OIDC receive: "Error while exchanging OIDC code: RPError: iss mismatch" in the logs
The ISS logged is the same, but with a slash on the end.

Desired behavior

Login via OIDC completes successfully

Steps to reproduce

Configure OIDC with:

  - OIDC_ISSUER=https://keycloakserver/realms/My%20Tools/
  - OIDC_CLIENT_ID=boards
  - OIDC_CLIENT_SECRET=secret
  - OIDC_ADMIN_ROLES=admin
  - OIDC_PROJECT_OWNER_ROLES=project_owner
  - OIDC_ENFORCED=true

Try to login

Other information

No response

Originally created by @aneillans on GitHub (Feb 5, 2026). ### Where is the problem occurring? None ### What browsers are you seeing the problem on? Microsoft Edge ### Current behavior Configured for enforced OIDC with Keycloak, following the settings detailed in the wiki When trying to login with OIDC receive: "Error while exchanging OIDC code: RPError: iss mismatch" in the logs The ISS logged is the same, but with a slash on the end. ### Desired behavior Login via OIDC completes successfully ### Steps to reproduce Configure OIDC with: - OIDC_ISSUER=https://keycloakserver/realms/My%20Tools/ - OIDC_CLIENT_ID=boards - OIDC_CLIENT_SECRET=secret - OIDC_ADMIN_ROLES=admin - OIDC_PROJECT_OWNER_ROLES=project_owner - OIDC_ENFORCED=true Try to login ### Other information _No response_
OVERLORD commented 2026-02-05 18:54:02 +03:00
Author
Owner
Copy Link

@meltyshev commented on GitHub (Feb 5, 2026):

Hey! Thanks for reporting this. I tried setting up Keycloak with a custom realm and ran into the same issue when OIDC_ISSUER ended with a / (which is a bit strange, since it worked before with the default master realm even with the slash). I removed the trailing slash (OIDC_ISSUER=https://keycloakserver/realms/My%20Tools) - and that solved it.

@meltyshev commented on GitHub (Feb 5, 2026): Hey! Thanks for reporting this. I tried setting up Keycloak with a custom realm and ran into the same issue when `OIDC_ISSUER` ended with a `/` (which is a bit strange, since it worked before with the default `master` realm even with the slash). I removed the trailing slash (`OIDC_ISSUER=https://keycloakserver/realms/My%20Tools`) - and that solved it.
OVERLORD commented 2026-02-05 18:54:03 +03:00
Author
Owner
Copy Link

@aneillans commented on GitHub (Feb 5, 2026):

Was just about to say, had to remove the trailing slash to get it to work - and make sure not to use email as username!

@aneillans commented on GitHub (Feb 5, 2026): Was just about to say, had to remove the trailing slash to get it to work - and make sure not to use email as username!
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
bug
documentation
documentation
duplicate
enhancement
good first issue
help wanted
pull-request
Mirrored from GitHub Pull Request
 question
wontfix
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
OVERLORD
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/planka-plankanban#913
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?