[OIDC] 422 Unprocessable Entity api/access-tokens/exchange-using-oidc #677

New Issue

Closed

opened 2026-02-04 20:48:06 +03:00 by OVERLORD · 4 comments

OVERLORD commented 2026-02-04 20:48:06 +03:00

Owner

Copy Link

Originally created by @baur on GitHub (Mar 28, 2025).

what means this error:

server client settings:

    {
      client_id: "planka-client",
      client_secret: "0538ccf7-d9d0-4568-996f-4491be8b456b",
      redirect_uris: ["http://localhost:1337/oidc-callback"],
      response_types: ["code"],
      grant_types: ["authorization_code"],
      token_endpoint_auth_method: "client_secret_post",
      pkce_methods: ["S256"], --disabled
    },

server side logs:

Simple Express app listening on port 4000!
2025-03-28T12:03:17.040Z [info]: OIDC Request: method=GET, url=/.well-known/openid-configuration
2025-03-28T12:03:18.175Z [info]: OIDC Request: method=GET, url=/auth?client_id=planka-client&scope=openid%20email&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A1337%2Foidc-callback&response_mode=fragment&state=hyIx0WWXuMCRcQdocoliG&nonce=MwtPkFNM9JrQD6aFO-8du
2025-03-28T12:03:18.202Z [info]: OIDC Request: method=GET, url=/interaction/Hube8INuu4tIgfbG926OF
2025-03-28T12:03:24.351Z [info]: OIDC Request: method=POST, url=/interaction/Hube8INuu4tIgfbG926OF
2025-03-28T12:03:24.364Z [info]: OIDC Request: method=GET, url=/auth/Hube8INuu4tIgfbG926OF
2025-03-28T12:03:24.368Z [info]: Finding account for id: testuser
2025-03-28T12:03:24.378Z [info]: OIDC Request: method=GET, url=/interaction/sl7d7aKB_eWN4_0SS7eRR
2025-03-28T12:03:27.111Z [info]: OIDC Request: method=POST, url=/interaction/sl7d7aKB_eWN4_0SS7eRR
2025-03-28T12:03:27.119Z [info]: OIDC Request: method=GET, url=/auth/sl7d7aKB_eWN4_0SS7eRR
2025-03-28T12:03:27.121Z [info]: Finding account for id: testuser
2025-03-28T12:03:27.123Z [info]: Authorization successful
2025-03-28T12:03:27.461Z [info]: OIDC Request: method=POST, url=/token
2025-03-28T12:03:27.471Z [info]: Finding account for id: testuser
2025-03-28T12:03:27.492Z [info]: OIDC Request: method=GET, url=/jwks
2025-03-28T12:03:27.501Z [info]: OIDC Request: method=GET, url=/me
2025-03-28T12:03:27.506Z [info]: Finding account for id: testuser

Originally created by @baur on GitHub (Mar 28, 2025). what means this error:  server client settings: ``` { client_id: "planka-client", client_secret: "0538ccf7-d9d0-4568-996f-4491be8b456b", redirect_uris: ["http://localhost:1337/oidc-callback"], response_types: ["code"], grant_types: ["authorization_code"], token_endpoint_auth_method: "client_secret_post", pkce_methods: ["S256"], --disabled }, ``` server side logs: ``` Simple Express app listening on port 4000! 2025-03-28T12:03:17.040Z [info]: OIDC Request: method=GET, url=/.well-known/openid-configuration 2025-03-28T12:03:18.175Z [info]: OIDC Request: method=GET, url=/auth?client_id=planka-client&scope=openid%20email&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A1337%2Foidc-callback&response_mode=fragment&state=hyIx0WWXuMCRcQdocoliG&nonce=MwtPkFNM9JrQD6aFO-8du 2025-03-28T12:03:18.202Z [info]: OIDC Request: method=GET, url=/interaction/Hube8INuu4tIgfbG926OF 2025-03-28T12:03:24.351Z [info]: OIDC Request: method=POST, url=/interaction/Hube8INuu4tIgfbG926OF 2025-03-28T12:03:24.364Z [info]: OIDC Request: method=GET, url=/auth/Hube8INuu4tIgfbG926OF 2025-03-28T12:03:24.368Z [info]: Finding account for id: testuser 2025-03-28T12:03:24.378Z [info]: OIDC Request: method=GET, url=/interaction/sl7d7aKB_eWN4_0SS7eRR 2025-03-28T12:03:27.111Z [info]: OIDC Request: method=POST, url=/interaction/sl7d7aKB_eWN4_0SS7eRR 2025-03-28T12:03:27.119Z [info]: OIDC Request: method=GET, url=/auth/sl7d7aKB_eWN4_0SS7eRR 2025-03-28T12:03:27.121Z [info]: Finding account for id: testuser 2025-03-28T12:03:27.123Z [info]: Authorization successful 2025-03-28T12:03:27.461Z [info]: OIDC Request: method=POST, url=/token 2025-03-28T12:03:27.471Z [info]: Finding account for id: testuser 2025-03-28T12:03:27.492Z [info]: OIDC Request: method=GET, url=/jwks 2025-03-28T12:03:27.501Z [info]: OIDC Request: method=GET, url=/me 2025-03-28T12:03:27.506Z [info]: Finding account for id: testuser ```

OVERLORD closed this issue 2026-02-04 20:48:06 +03:00

OVERLORD commented 2026-02-04 20:48:14 +03:00

Author

Owner

Copy Link

@baur commented on GitHub (Mar 28, 2025):

{code: "E_UNPROCESSABLE_ENTITY", message: "Unable to retrieve required values (email, name)"}
code: "E_UNPROCESSABLE_ENTITY"
message: "Unable to retrieve required values (email, name)"

@baur commented on GitHub (Mar 28, 2025): {code: "E_UNPROCESSABLE_ENTITY", message: "Unable to retrieve required values (email, name)"} code: "E_UNPROCESSABLE_ENTITY" message: "Unable to retrieve required values (email, name)"

OVERLORD commented 2026-02-04 20:48:17 +03:00

Author

Owner

Copy Link

@baur commented on GitHub (Mar 28, 2025):

OIDC_ISSUER=http://localhost:4000
OIDC_CLIENT_ID=planka-client
OIDC_CLIENT_SECRET=0538ccf7-d9d0-4568-996f-4491be8b456b
OIDC_SCOPES=openid email
OIDC_EMAIL_ATTRIBUTE=email
OIDC_NAME_ATTRIBUTE=name

@baur commented on GitHub (Mar 28, 2025): OIDC_ISSUER=http://localhost:4000 OIDC_CLIENT_ID=planka-client OIDC_CLIENT_SECRET=0538ccf7-d9d0-4568-996f-4491be8b456b OIDC_SCOPES=openid email OIDC_EMAIL_ATTRIBUTE=email OIDC_NAME_ATTRIBUTE=name

OVERLORD commented 2026-02-04 20:48:32 +03:00

Author

Owner

Copy Link

@meltyshev commented on GitHub (Mar 31, 2025):

Hi! It's difficult to determine the exact problem since we can't test all providers and configurations. You can try setting OIDC_CLAIMS_SOURCE=id_token to retrieve email and name directly from the id_token without making a userinfo request.

@meltyshev commented on GitHub (Mar 31, 2025): Hi! It's difficult to determine the exact problem since we can't test all providers and configurations. You can try setting `OIDC_CLAIMS_SOURCE=id_token` to retrieve email and name directly from the `id_token` without making a userinfo request.

OVERLORD commented 2026-02-04 20:48:35 +03:00

Author

Owner

Copy Link

@baur commented on GitHub (Apr 21, 2025):

OIDC Server side error

@baur commented on GitHub (Apr 21, 2025): OIDC Server side error

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

dependabot/npm_and_yarn/client/multi-5543462fab

gh-pages

dependabot/npm_and_yarn/multi-795903f3f3

dependabot/npm_and_yarn/server/multi-60f2582fdd

dependabot/npm_and_yarn/client/qs-6.14.2

dependabot/npm_and_yarn/client/markdown-it-14.1.1

v2.0.2

planka-2.0.2

v2.0.1

planka-2.0.1

v2.0.0

planka-2.0.0

planka-1.1.2

planka-1.1.1

planka-1.1.0

planka-1.0.5

planka-1.0.4

v2.0.0-rc.4

v1.26.3

planka-0.2.26

planka-1.0.3

planka-1.0.2

v2.0.0-rc.3

planka-1.0.1

planka-1.0.0

v2.0.0-rc.2

planka-0.2.25

v1.26.2

v1.26.1

planka-0.2.24

v1.26.0

planka-0.2.23

v1.25.1

planka-0.2.22

v1.25.0

planka-0.2.21

v1.24.4

planka-0.2.20

v1.24.3

planka-0.2.19

planka-0.2.18

v1.24.2

planka-0.2.17

planka-0.2.16

v1.24.1

planka-0.2.15

v1.24.0

planka-0.2.14

v1.23.5

v1.23.4

planka-0.2.13

planka-0.2.12

v1.23.3

planka-0.2.11

v1.23.2

planka-0.2.10

v1.23.1

planka-0.2.9

v1.23.0

v1.22.0

planka-0.2.8

Labels

Clear labels

bug

bug

documentation

documentation

duplicate

enhancement

good first issue

help wanted

pull-request

Mirrored from GitHub Pull Request

question

wontfix

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/planka#677