<@U06TM7M40RK> OIDC redirect signout doesn’t work.
To address the issue of OIDC redirect signout not working, there are several steps and configurations you can check and adjust:
-
Verify OIDC Configuration: Ensure that the
post_logout_redirect_uri
is correctly set in your Identity Provider (IdP) configuration. This URI should point to the DataHub login page. According to the <https://github.com/datahub-project/datahub/blob/master/docs/authentication/guides/sso/initialize-oidc.md|DataHub OIDC Configuration Guide>, this is crucial for proper logout functionality. -
Check Logout Endpoint: Make sure that the logout endpoint is correctly configured in your DataHub setup. For example, in Azure, the “Front-channel logout URL” should be set to
https://<your-datahub-url>/logOut
. This is mentioned in the <https://github.com/datahub-project/datahub/blob/master/docs/authentication/guides/sso/initialize-oidc.md|DataHub OIDC Configuration Guide>. -
Session Management: Verify that the session store is correctly set up to handle state parameters. This is typically configured in the
application.conf
file of the DataHub frontend. You can refer to the <https://datahubproject.io/docs/0.14.0/authentication|DataHub Authentication Overview> for more details. -
Enable Verbose Logging: Enable verbose logging to get more detailed information about the issue. You can do this by setting the
AUTH_VERBOSE_LOGGING
environment variable totrue
. This can help in diagnosing the problem by providing more insights into the logout process. -
Known Issues: There are known issues with OIDC logout in DataHub, particularly with certain Identity Providers like Keycloak, as discussed in <Issues · datahub-project/datahub · GitHub Issue #7144> and <Issues · datahub-project/datahub · GitHub Issue #4854>. These issues may require specific workarounds or updates to the DataHub version you are using.
Would you like more detailed steps on how to configure these settings or troubleshoot further?
Sources:
- <https://github.com/datahub-project/datahub/blob/master/docs/authentication/guides/sso/initialize-oidc.md|DataHub OIDC Configuration Guide>
- <Issues · datahub-project/datahub · GitHub Issue #7144>
- <Issues · datahub-project/datahub · GitHub Issue #4854> 0 button 0 button Hint: Mention @runllm in the thread for followups.
Hi <@U086EAJ6RR8>, how did my answer work out for you? Need any more assistance? You can also tag <@U07FV3UHE4D> to let your fellow community members know you’re still looking for guidance.