🐛 Bug Report: https://<your-app-url>/setup redirecting to /signup/setup #628

New Issue

Open

opened 2026-02-04 20:41:37 +03:00 by OVERLORD · 2 comments

OVERLORD commented 2026-02-04 20:41:37 +03:00

Owner

Copy Link

Originally created by @BackedUpBooty on GitHub (Jan 26, 2026).

Reproduction steps

Install with docker (compose and .env files below) then navigate to https or http url /setup:

services:
  pocket-id:
    image: ghcr.io/pocket-id/pocket-id:v2
    container_name: pocketID
    restart: unless-stopped
    env_file: .env
    ports:
      - 1411:1411
    volumes:
      - pocket-id:/app/data
    # Optional healthcheck
    healthcheck:
      test: [ "CMD", "/app/pocket-id", "healthcheck" ]
      interval: 1m30s
      timeout: 5s
      retries: 2
      start_period: 10s
  pocketid-db:
    image: postgres:17
    container_name: pocketid-db
    restart: unless-stopped
    env_file: .env
    healthcheck:
      test:
        ['CMD-SHELL', 'pg_isready -d "$${POSTGRES_DB}" -U $${POSTGRES_USER}']
      interval: 10s
      timeout: 5s
      retries: 5
    volumes:
      - data:/var/lib/postgresql/data/

volumes:
  data:
  pocket-id:      

# See the documentation for more information: https://pocket-id.org/docs/configuration/environment-variables

# These variables must be configured for your deployment:
APP_URL=https://mydomain.com

# Encryption key (choose one method):
# Method 1: Direct key (simple but less secure)
# Generate with: openssl rand -base64 32
ENCRYPTION_KEY=[redacted]
# Method 2: File-based key (recommended)
# Put the base64 key in a file and point to it here.
#ENCRYPTION_KEY_FILE=/key/encryption_key

# These variables are optional but recommended to review:
TRUST_PROXY=true
MAXMIND_LICENSE_KEY=[redacted]
PUID=1000
PGID=1000

DB_PROVIDER=postgres
DB_CONNECTION_STRING=postgresql://pocket-id:secret@pocketid-db:5432/pocketid-db

POSTGRES_USER=[redacted]
POSTGRES_PASSWORD=[redacted]
POSTGRES_DB=[redacted]
POSTGRES_HOST=pocketid-db
POSTGRES_PORT=5432

Expected behavior

Takes me to the admin console

Actual Behavior

It takes me to a signup page for a regular user

Pocket ID Version

latest as per today's pull

Database

Postgres17

OS and Environment

Docker on Ubuntu 24.04

Log Output

Jan 26 17:58:18 INF Request app=pocket-id version=2.2.0 status=200 method=GET path=/signup/setup query="" route="" ip=192.168.1.8 latency=97.035µs referer="" user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" body_size=2095
Jan 26 17:58:18 WRN Request with errors: Error #01: You are not signed in
 app=pocket-id version=2.2.0 status=401 method=GET path=/api/users/me query="" route=/api/users/me ip=192.168.1.8 latency=62.058µs referer=https://oidc.pointtosource.com/signup/setup user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" body_size=33
Jan 26 17:57:35 INF Job run successfully app=pocket-id version=2.2.0 name=UpdateGeoLiteDB id=1eaf875b-fe45-4869-98d9-ebda8861931f
Jan 26 17:57:34 INF Job run successfully app=pocket-id version=2.2.0 name=SendHeartbeat id=34ac5756-574e-4dbc-9f57-bd2ec653b760
Jan 26 17:57:35 INF GeoLite2 City database successfully updated. app=pocket-id version=2.2.0
Jan 26 17:57:33 INF Job run successfully app=pocket-id version=2.2.0 name=SyncScim id=67c19c0a-dfd4-40a0-9ad1-f32a3e76f8b5
Jan 26 17:57:33 INF Job run successfully app=pocket-id version=2.2.0 name=ClearAuditLogs id=5e054221-3425-422d-9f46-5a7e316068b2
Jan 26 17:57:33 INF Deleted old audit logs app=pocket-id version=2.2.0 count=0
Jan 26 17:57:33 INF Job run successfully app=pocket-id version=2.2.0 name=ClearEmailVerificationTokens id=e7c9f439-f570-4e5b-ae9d-75f92cd44deb
Jan 26 17:57:33 INF Cleaned expired email verification tokens app=pocket-id version=2.2.0 count=0
Jan 26 17:57:33 INF Job run successfully app=pocket-id version=2.2.0 name=ClearSignupTokens id=96300fb6-a9a1-44af-9ddc-62bc6c90c4cb
Jan 26 17:57:33 INF Cleaned expired tokens app=pocket-id version=2.2.0 count=0
Jan 26 17:57:33 INF Job run successfully app=pocket-id version=2.2.0 name=ClearOidcRefreshTokens id=c767cc96-43de-44b5-85d2-7c51ef68a21d
Jan 26 17:57:33 INF Cleaned expired OIDC refresh tokens app=pocket-id version=2.2.0 count=0
Jan 26 17:57:33 INF Job run successfully app=pocket-id version=2.2.0 name=ClearOidcAuthorizationCodes id=c8242e00-5a88-414c-b8c5-1e06c47beba7
Jan 26 17:57:33 INF Cleaned expired OIDC authorization codes app=pocket-id version=2.2.0 count=0
Jan 26 17:57:33 INF Job run successfully app=pocket-id version=2.2.0 name=ClearReauthenticationTokens id=34c609af-1cd2-4bb6-836f-ca7bc3332850
Jan 26 17:57:33 INF Cleaned expired reauthentication tokens app=pocket-id version=2.2.0 count=0
Jan 26 17:57:33 INF Job run successfully app=pocket-id version=2.2.0 name=ClearOneTimeAccessTokens id=f13323fc-0f6c-43d0-a3cf-19a0f921df48
Jan 26 17:57:33 INF Cleaned expired one-time access tokens app=pocket-id version=2.2.0 count=0
Jan 26 17:57:33 INF Updating GeoLite2 City database app=pocket-id version=2.2.0
Jan 26 17:57:33 INF Job run successfully app=pocket-id version=2.2.0 name=ClearWebauthnSessions id=c9193e4e-c724-4796-a18e-10ddb9f66dd6
Jan 26 17:57:33 INF Cleaned expired WebAuthn sessions app=pocket-id version=2.2.0 count=0
Jan 26 17:57:33 INF Job run successfully app=pocket-id version=2.2.0 name=SyncLdap id=2adc2d6a-6941-4511-8cef-94a6f9531389

Originally created by @BackedUpBooty on GitHub (Jan 26, 2026). ### Reproduction steps Install with docker (compose and .env files below) then navigate to https or http url /setup: ``` services: pocket-id: image: ghcr.io/pocket-id/pocket-id:v2 container_name: pocketID restart: unless-stopped env_file: .env ports: - 1411:1411 volumes: - pocket-id:/app/data # Optional healthcheck healthcheck: test: [ "CMD", "/app/pocket-id", "healthcheck" ] interval: 1m30s timeout: 5s retries: 2 start_period: 10s pocketid-db: image: postgres:17 container_name: pocketid-db restart: unless-stopped env_file: .env healthcheck: test: ['CMD-SHELL', 'pg_isready -d "$${POSTGRES_DB}" -U $${POSTGRES_USER}'] interval: 10s timeout: 5s retries: 5 volumes: - data:/var/lib/postgresql/data/ volumes: data: pocket-id: ``` ``` # See the documentation for more information: https://pocket-id.org/docs/configuration/environment-variables # These variables must be configured for your deployment: APP_URL=https://mydomain.com # Encryption key (choose one method): # Method 1: Direct key (simple but less secure) # Generate with: openssl rand -base64 32 ENCRYPTION_KEY=[redacted] # Method 2: File-based key (recommended) # Put the base64 key in a file and point to it here. #ENCRYPTION_KEY_FILE=/key/encryption_key # These variables are optional but recommended to review: TRUST_PROXY=true MAXMIND_LICENSE_KEY=[redacted] PUID=1000 PGID=1000 DB_PROVIDER=postgres DB_CONNECTION_STRING=postgresql://pocket-id:secret@pocketid-db:5432/pocketid-db POSTGRES_USER=[redacted] POSTGRES_PASSWORD=[redacted] POSTGRES_DB=[redacted] POSTGRES_HOST=pocketid-db POSTGRES_PORT=5432 ``` ### Expected behavior Takes me to the admin console ### Actual Behavior It takes me to a signup page for a regular user <img width="1783" height="951" alt="Image" src="https://github.com/user-attachments/assets/611d4c8d-6604-4838-97af-ac7990cfa2b5" /> ### Pocket ID Version latest as per today's pull ### Database Postgres17 ### OS and Environment Docker on Ubuntu 24.04 ### Log Output ``` Jan 26 17:58:18 INF Request app=pocket-id version=2.2.0 status=200 method=GET path=/signup/setup query="" route="" ip=192.168.1.8 latency=97.035µs referer="" user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" body_size=2095 Jan 26 17:58:18 WRN Request with errors: Error #01: You are not signed in app=pocket-id version=2.2.0 status=401 method=GET path=/api/users/me query="" route=/api/users/me ip=192.168.1.8 latency=62.058µs referer=https://oidc.pointtosource.com/signup/setup user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" body_size=33 Jan 26 17:57:35 INF Job run successfully app=pocket-id version=2.2.0 name=UpdateGeoLiteDB id=1eaf875b-fe45-4869-98d9-ebda8861931f Jan 26 17:57:34 INF Job run successfully app=pocket-id version=2.2.0 name=SendHeartbeat id=34ac5756-574e-4dbc-9f57-bd2ec653b760 Jan 26 17:57:35 INF GeoLite2 City database successfully updated. app=pocket-id version=2.2.0 Jan 26 17:57:33 INF Job run successfully app=pocket-id version=2.2.0 name=SyncScim id=67c19c0a-dfd4-40a0-9ad1-f32a3e76f8b5 Jan 26 17:57:33 INF Job run successfully app=pocket-id version=2.2.0 name=ClearAuditLogs id=5e054221-3425-422d-9f46-5a7e316068b2 Jan 26 17:57:33 INF Deleted old audit logs app=pocket-id version=2.2.0 count=0 Jan 26 17:57:33 INF Job run successfully app=pocket-id version=2.2.0 name=ClearEmailVerificationTokens id=e7c9f439-f570-4e5b-ae9d-75f92cd44deb Jan 26 17:57:33 INF Cleaned expired email verification tokens app=pocket-id version=2.2.0 count=0 Jan 26 17:57:33 INF Job run successfully app=pocket-id version=2.2.0 name=ClearSignupTokens id=96300fb6-a9a1-44af-9ddc-62bc6c90c4cb Jan 26 17:57:33 INF Cleaned expired tokens app=pocket-id version=2.2.0 count=0 Jan 26 17:57:33 INF Job run successfully app=pocket-id version=2.2.0 name=ClearOidcRefreshTokens id=c767cc96-43de-44b5-85d2-7c51ef68a21d Jan 26 17:57:33 INF Cleaned expired OIDC refresh tokens app=pocket-id version=2.2.0 count=0 Jan 26 17:57:33 INF Job run successfully app=pocket-id version=2.2.0 name=ClearOidcAuthorizationCodes id=c8242e00-5a88-414c-b8c5-1e06c47beba7 Jan 26 17:57:33 INF Cleaned expired OIDC authorization codes app=pocket-id version=2.2.0 count=0 Jan 26 17:57:33 INF Job run successfully app=pocket-id version=2.2.0 name=ClearReauthenticationTokens id=34c609af-1cd2-4bb6-836f-ca7bc3332850 Jan 26 17:57:33 INF Cleaned expired reauthentication tokens app=pocket-id version=2.2.0 count=0 Jan 26 17:57:33 INF Job run successfully app=pocket-id version=2.2.0 name=ClearOneTimeAccessTokens id=f13323fc-0f6c-43d0-a3cf-19a0f921df48 Jan 26 17:57:33 INF Cleaned expired one-time access tokens app=pocket-id version=2.2.0 count=0 Jan 26 17:57:33 INF Updating GeoLite2 City database app=pocket-id version=2.2.0 Jan 26 17:57:33 INF Job run successfully app=pocket-id version=2.2.0 name=ClearWebauthnSessions id=c9193e4e-c724-4796-a18e-10ddb9f66dd6 Jan 26 17:57:33 INF Cleaned expired WebAuthn sessions app=pocket-id version=2.2.0 count=0 Jan 26 17:57:33 INF Job run successfully app=pocket-id version=2.2.0 name=SyncLdap id=2adc2d6a-6941-4511-8cef-94a6f9531389 ```

OVERLORD commented 2026-02-04 20:41:39 +03:00

Author

Owner

Copy Link

@kmendell commented on GitHub (Jan 27, 2026):

This is expected, in a version awhile back we changed the initial setup, to follow the same setup flow as the normal users would use. But if its the first user after a initial setup, it will be the admin user.

@kmendell commented on GitHub (Jan 27, 2026): This is expected, in a version awhile back we changed the initial setup, to follow the same setup flow as the normal users would use. But if its the first user after a initial setup, it will be the admin user.

OVERLORD commented 2026-02-04 20:41:42 +03:00

Author

Owner

Copy Link

@BackedUpBooty commented on GitHub (Jan 27, 2026):

Ah ok, I must have missed that in the docs. I was following the videos which were linked in the wiki, I guess something could be updated in the text to explain that?

But does that mean that I need to set up smtp for the registration to send the login details? After trying the first setup it just returned me to the 'Authorization' screen.

@BackedUpBooty commented on GitHub (Jan 27, 2026): Ah ok, I must have missed that in the docs. I was following the videos which were linked in the wiki, I guess something could be updated in the text to explain that? But does that mean that I need to set up smtp for the registration to send the login details? After trying the first setup it just returned me to the 'Authorization' screen.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

feat/email-verification

oidc-scopes

default-env-db-keys

slog-gorm

v2.2.0

v2.1.0

v2.0.2

v2.0.1

v2.0.0

v1.16.0

v1.15.0

v1.14.2

v1.14.1

v1.14.0

v1.13.1

v1.13.0

v1.12.0

v1.11.2

v1.11.1

v1.11.0

v1.10.0

v1.9.1

v1.9.0

v1.8.1

v1.8.0

v1.7.0

v1.6.4

v1.6.3

v1.6.2

v1.6.1

v1.6.0

v1.5.0

v1.4.1

v1.4.0

v1.3.1

v1.3.0

v1.2.0

v1.1.0

v1.0.0

v0.53.0

v0.52.0

v0.51.1

v0.51.0

v0.50.0

v0.49.0

v0.48.0

v0.47.0

v0.46.0

v0.45.0

v0.44.0

v0.43.1

v0.43.0

v0.42.1

v0.42.0

v0.41.0

v0.40.1

v0.40.0

v0.39.0

v0.38.0

v0.37.0

v0.36.0

v0.35.6

v0.35.5

v0.35.4

v0.35.3

v0.35.2

v0.35.1

v0.35.0

v0.34.0

v0.33.0

v0.32.0

v0.31.0

v0.30.0

v0.29.0

v0.28.1

v0.28.0

v0.27.2

v0.27.1

v0.27.0

v0.26.0

v0.25.1

v0.25.0

v0.24.1

v0.24.0

v0.23.0

v0.22.0

v0.21.0

v0.20.1

v0.20.0

v0.19.0

v0.18.0

v0.17.0

v0.16.0

v0.15.0

v0.14.0

v0.13.1

v0.13.0

v0.12.0

v0.11.0

v0.10.0

v0.9.0

v0.8.1

v0.8.0

v0.7.1

v0.7.0

v0.6.0

v0.5.3

v0.5.2

v0.5.1

v0.5.0

v0.4.1

v0.4.0

v0.3.1

v0.3.0

v0.2.1

v0.2.0

v0.1.3

v0.1.2

v0.1.1

v0.1.0

Labels

Clear labels

breaking

bug

bug

bug

documentation

feature

needs more upvotes

open to pull requests

pull-request

Mirrored from GitHub Pull Request

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/pocket-id#628