#1 Global Leader in Data Resilience
#1 Global Leader in Data Resilience
BACK TO KB LIST

Openshift Authentication - Failed to authenticate: oidc: failed to get token: oauth2: cannot fetch token

KB ID: 4616
Product: Veeam Kasten for Kubernetes
Published: 2024-06-14
Last Modified: 2024-06-14
mailbox
Get weekly article updates
By subscribing, you are agreeing to have your personal information managed in accordance with the terms of Veeam's Privacy Notice.

Cheers for trusting us with the spot in your mailbox!

Now you’re less likely to miss what’s been brewing in our knowledge base with this weekly digest

error icon

Oops! Something went wrong.

Please, try again later.

Challenge

Users are unable to login to Veeam Kasten for Kubernetes Dashboard and receive the following error:

Failed to authenticate: oidc: failed to get token: oauth2: cannot fetch token: 400 Bad Request Response: {"error":"unauthorized_client","error_description": "The client is not authorized to request a token using this method."}

Cause

Theis issue is observed when the token provided while configuring oAuth does not match with the service account token.

Solution

Debug Using K10 Tools

Use k10tools for debugging openshift authentication to find out the cause.

./k10tools debug auth -d openshift

Compare Secret Details

  • Get the secret details from kasten-io namespace.
kubectl get secrets -n kasten-io
kubectl -n kasten-io get secret $desired_secret_name -o jsonpath='{.data.token}' | base64 -d
  • Get the clientSecret details provided when authentication was configured.
helm get values k10

Verify the Secret information from the helm command and compare it with the token base64 output from kubectl command output.

If there are any leading spaces or if it doesn't match, please correct it and update the k10 with proper client secret information. This can be achieved by the following command:

helm upgrade k10 kasten/k10 --namespace kasten-io --reuse-values --set auth.openshift.clientSecret=${my_token}
Recheck the secret values to ensure everything looks good. If not, further troubleshooting needs to be done using k10tools authentication debug mode to find any other issues related to authentication.
To submit feedback regarding this article, please click this link: Send Article Feedback
To report a typo on this page, highlight the typo with your mouse and press CTRL + Enter.

Spelling error in text

This site is protected by hCaptcha and its Privacy Policy and Terms of Service apply except as noted in our Privacy Policy.
Thank you!

Thank you!

Your feedback has been received and will be reviewed.

Oops! Something went wrong.

Please, try again later.

You have selected too large block!

Please try select less.

KB Feedback/Suggestion

This form is only for KB Feedback/Suggestions, if you need help with the software open a support case
By submitting, you are agreeing to have your personal information managed in accordance with the terms of Veeam's Privacy Notice.
This site is protected by hCaptcha and its Privacy Policy and Terms of Service apply except as noted in our Privacy Policy.
Verify your email to continue your product download
We've sent a verification code to:
  • Incorrect verification code. Please try again.
An email with a verification code was just sent to
Didn't receive the code? Click to resend in sec
Didn't receive the code? Click to resend
Start using Veeam:
Download the product
&
Activate the license key
Thank you!

Thank you!

Your feedback has been received and will be reviewed.

error icon

Oops! Something went wrong.

Please, try again later.