OIDC Configuration Question #389

New Issue

Closed

opened 2026-02-04 18:57:29 +03:00 by OVERLORD · 3 comments

OVERLORD commented 2026-02-04 18:57:29 +03:00

Owner

Copy Link

Originally created by @xionous on GitHub (Nov 24, 2023).

Has anyone gotten the OIDC to work with Authelia?

The error that I am getting is Authelia is complaining that it isn't getting a "state":

level=error msg="Authorization Request failed with error: The state is missing or does not have enough characters and is therefore considered too weak. Request parameter 'state' must be at least be 8 characters long to ensure sufficient entropy."

Planka

      - OIDC_ISSUER=https://auth.domain
      - OIDC_CLIENT_ID=planka
      - OIDC_CLIENT_SECRET=super_secret
      - OIDC_SCOPES=openid profile email
      - OIDC_ADMIN_ROLES=planka_admin
      - OIDC_ROLES_ATTRIBUTE=groups

Authelia

      - id: planka
        description: Planka Kanban
        secret: super_secret
        sector_identifier: domain
        public: false
        authorization_policy: two_factor
        pre_configured_consent_duration: 1M
        audience: []
        scopes:
          - openid
          - email
          - profile
        redirect_uris:
          - https://planka.domain/oidc-callback
        userinfo_signing_algorithm: none

Originally created by @xionous on GitHub (Nov 24, 2023). Has anyone gotten the OIDC to work with Authelia? The error that I am getting is Authelia is complaining that it isn't getting a "state": `level=error msg="Authorization Request failed with error: The state is missing or does not have enough characters and is therefore considered too weak. Request parameter 'state' must be at least be 8 characters long to ensure sufficient entropy."` Planka ``` - OIDC_ISSUER=https://auth.domain - OIDC_CLIENT_ID=planka - OIDC_CLIENT_SECRET=super_secret - OIDC_SCOPES=openid profile email - OIDC_ADMIN_ROLES=planka_admin - OIDC_ROLES_ATTRIBUTE=groups ``` Authelia ``` - id: planka description: Planka Kanban secret: super_secret sector_identifier: domain public: false authorization_policy: two_factor pre_configured_consent_duration: 1M audience: [] scopes: - openid - email - profile redirect_uris: - https://planka.domain/oidc-callback userinfo_signing_algorithm: none ```

OVERLORD added the help wanted label 2026-02-04 18:57:29 +03:00

OVERLORD closed this issue 2026-02-04 18:57:34 +03:00

OVERLORD commented 2026-02-04 18:57:37 +03:00

Author

Owner

Copy Link

@meltyshev commented on GitHub (Nov 24, 2023):

Probably we can add a state parameter, just need to check first if it will affect other providers. But it's weird that Authelia doesn't work without it, since it should be optional.

@meltyshev commented on GitHub (Nov 24, 2023): Probably we can add a state parameter, just need to check first if it will affect other providers. But it's weird that Authelia doesn't work without it, since it should be optional.

OVERLORD commented 2026-02-04 18:57:46 +03:00

Author

Owner

Copy Link

@xionous commented on GitHub (Nov 25, 2023):

My understanding is having the state parameter is a security best practice, so perhaps that is why. I would think that adding it would not interfere with other providers.

@xionous commented on GitHub (Nov 25, 2023): My understanding is having the state parameter is a security best practice, so perhaps that is why. I would think that adding it would not interfere with other providers.

OVERLORD commented 2026-02-04 18:58:00 +03:00

Author

Owner

Copy Link

@Bykow commented on GitHub (Dec 5, 2023):

I'm having a similar issue with authelia.

update: previous error fixed, now looking at same issue:
level=error msg="Authorization Request failed with error: The state is missing or does not have enough characters and is therefore considered too weak. Request parameter 'state' must be at least be 8 characters long to ensure sufficient entropy."

@Bykow commented on GitHub (Dec 5, 2023): I'm having a similar issue with authelia. update: previous error fixed, now looking at same issue: `level=error msg="Authorization Request failed with error: The state is missing or does not have enough characters and is therefore considered too weak. Request parameter 'state' must be at least be 8 characters long to ensure sufficient entropy."`

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

gh-pages

dependabot/npm_and_yarn/multi-795903f3f3

dependabot/npm_and_yarn/server/multi-60f2582fdd

dependabot/npm_and_yarn/client/qs-6.14.2

dependabot/npm_and_yarn/client/markdown-it-14.1.1

v2.0.2

planka-2.0.2

v2.0.1

planka-2.0.1

v2.0.0

planka-2.0.0

planka-1.1.2

planka-1.1.1

planka-1.1.0

planka-1.0.5

planka-1.0.4

v2.0.0-rc.4

v1.26.3

planka-0.2.26

planka-1.0.3

planka-1.0.2

v2.0.0-rc.3

planka-1.0.1

planka-1.0.0

v2.0.0-rc.2

planka-0.2.25

v1.26.2

v1.26.1

planka-0.2.24

v1.26.0

planka-0.2.23

v1.25.1

planka-0.2.22

v1.25.0

planka-0.2.21

v1.24.4

planka-0.2.20

v1.24.3

planka-0.2.19

planka-0.2.18

v1.24.2

planka-0.2.17

planka-0.2.16

v1.24.1

planka-0.2.15

v1.24.0

planka-0.2.14

v1.23.5

v1.23.4

planka-0.2.13

planka-0.2.12

v1.23.3

planka-0.2.11

v1.23.2

planka-0.2.10

v1.23.1

planka-0.2.9

v1.23.0

v1.22.0

planka-0.2.8

Labels

Clear labels

bug

bug

documentation

documentation

duplicate

enhancement

good first issue

help wanted

pull-request

Mirrored from GitHub Pull Request

question

wontfix

No Label help wanted

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/planka#389