Authentik OIDC Not Working

Description

Authentik is not working as an OAuth2 provider for Rocket.Chat. I followed Rocket.chat | authentik for setup and it’s working halfway. It performs an initial token POST request as it should, but then does a GET afterwards which Authentik rejects and the entire flow fails. Any advice?

Server Setup Information

  • Version of Rocket.Chat Server: Latest Stable
  • Operating System: Ubuntu 22.04
  • Deployment Method: Docker Compose
  • Number of Running Instances: 1
  • Proxy: Caddy v2

Any additional Information

Rocket logs:

{"level":50,"time":"2023-08-21T01:31:56.891Z","pid":1,"hostname":"55e3934c0072","name":"System","msg":"Exception while invoking method login","err":{"type":"Error","message":"","stack":"Error: Failed to complete OAuth handshake with sso at https://sso/application/o/token. Method Not Allowed\n

Authentik access logs:

{"auth_via": "unauthenticated", "event": "/application/o/token", "host": "sso", "level": "info", "logger": "authentik.asgi", "method": "POST", "pid": 25, "remote": "172.23.0.3", "request_id": "ec6e394304e14e7fb4b495964072c77a", "runtime": 11, "scheme": "https", "status": 301, "timestamp": "2023-08-21T02:08:07.780132", "user": "", "user_agent": "Meteor/METEOR@2.12"}
{"auth_via": "unauthenticated", "event": "/application/o/token/", "host": "sso", "level": "info", "logger": "authentik.asgi", "method": "GET", "pid": 25, "remote": "172.23.0.3", "request_id": "462d4a78c066410d8b4b73d47d8aab86", "runtime": 13, "scheme": "https", "status": 405, "timestamp": "2023-08-21T02:08:07.807604", "user": "", "user_agent": "Meteor/METEOR@2.12"}
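
The two Authentik access-log lines above form a recognisable pair: a POST to `/application/o/token` answered with 301, then a GET to `/application/o/token/` from the same client answered with 405. The following is an added example, not part of the original thread, that scans JSON access logs for that pair; the function names, the trimmed sample lines and the 2-second window are assumptions.

```python
import json
from datetime import datetime

# Constructed sample: the two Authentik access-log lines from the post,
# trimmed to the fields this check reads.
SAMPLE_LOG = """\
{"event": "/application/o/token", "method": "POST", "remote": "172.23.0.3", "status": 301, "timestamp": "2023-08-21T02:08:07.780132"}
{"event": "/application/o/token/", "method": "GET", "remote": "172.23.0.3", "status": 405, "timestamp": "2023-08-21T02:08:07.807604"}
"""

REDIRECTS = {301, 302, 303}  # statuses after which many clients re-send a POST as GET


def parse(log_text):
    """Yield (record, timestamp) for each well-formed JSON log line."""
    for line in log_text.splitlines():
        try:
            rec = json.loads(line)
            yield rec, datetime.fromisoformat(rec["timestamp"])
        except (ValueError, KeyError, TypeError):
            continue  # blank, non-JSON, or missing/invalid timestamp


def find_downgraded_posts(log_text, window_s=2.0):
    """Find POST <path> -> redirect, then GET <path>/ -> 405 from the same client."""
    pending = {}   # (remote, path with trailing slash) -> time of the redirected POST
    findings = []
    for rec, ts in parse(log_text):
        path, remote = rec.get("event", ""), rec.get("remote")
        method, status = rec.get("method"), rec.get("status")
        if method == "POST" and status in REDIRECTS and not path.endswith("/"):
            pending[(remote, path + "/")] = ts
        elif method == "GET" and status == 405 and (remote, path) in pending:
            delay = (ts - pending.pop((remote, path))).total_seconds()
            if 0 <= delay <= window_s:
                findings.append({"remote": remote,
                                 "requested_path": path[:-1],
                                 "redirect_target": path,
                                 "delay_s": round(delay, 3)})
    return findings


if __name__ == "__main__":
    for f in find_downgraded_posts(SAMPLE_LOG):
        print(f"{f['remote']}: POST {f['requested_path']} was redirected to "
              f"{f['redirect_target']} and retried as GET (405) after {f['delay_s']}s")
```

A hit points at the token URL configured in the client: the path it requests lacks the trailing slash of the path that is then fetched with GET.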

Hello @ uno online, The error message suggests a “Method Not Allowed” error when Rocket.Chat tries to complete the OAuth handshake with Authentik. I think you should try testing with a different OAuth2 provider. As a troubleshooting step, you can try configuring Rocket.Chat with a different OAuth2 provider (e.g., Google, Facebook) to see if the issue is specific to Authentik or a more general problem. This can help determine whether the issue lies with Rocket.Chat configuration or with Authentik itself.