September 4, 2025Sep 4 I'm on Unraid v7.1.4 and the Unraid Connect plugin is on v2025.09.03.1929.I have Authentik setup as an OIDC provider and am receiving these errors when trying to sign in with it:[15:09:54 ERROR OidcTokenExchangeService]: Token exchange failed {"apiVersion":"4.18.2+5d89682","logger":"OidcTokenExchangeService","context":"OidcTokenExchangeService"} [15:09:54 ERROR OidcTokenExchangeService]: Error type: ClientError {"apiVersion":"4.18.2+5d89682","logger":"OidcTokenExchangeService","context":"OidcTokenExchangeService"} [15:09:54 ERROR OidcTokenExchangeService]: Error message: invalid response encountered {"apiVersion":"4.18.2+5d89682","logger":"OidcTokenExchangeService","context":"OidcTokenExchangeService"} [15:09:54 ERROR OidcTokenExchangeService]: Error code: OAUTH_INVALID_RESPONSE {"apiVersion":"4.18.2+5d89682","logger":"OidcTokenExchangeService","context":"OidcTokenExchangeService"} [15:09:54 ERROR OidcTokenExchangeService]: Error cause chain: {"apiVersion":"4.18.2+5d89682","logger":"OidcTokenExchangeService","context":"OidcTokenExchangeService"} [15:09:54 ERROR OidcTokenExchangeService]: [Cause 1] OperationProcessingError: unexpected "iss" (issuer) response parameter value {"apiVersion":"4.18.2+5d89682","logger":"OidcTokenExchangeService","context":"OidcTokenExchangeService"} [15:09:54 ERROR OidcTokenExchangeService]: [Cause 1] Code: OAUTH_INVALID_RESPONSE {"apiVersion":"4.18.2+5d89682","logger":"OidcTokenExchangeService","context":"OidcTokenExchangeService"} [15:09:54 ERROR OidcTokenExchangeService]: [Cause 2] object: [object Object] {"apiVersion":"4.18.2+5d89682","logger":"OidcTokenExchangeService","context":"OidcTokenExchangeService"} [15:09:54 ERROR OidcService]: OAuth callback error: invalid response encountered {"apiVersion":"4.18.2+5d89682","logger":"OidcService","context":"OidcService"} [15:09:54 ERROR OidcRestController]: OIDC callback error: UnauthorizedException: Authentication failed {"apiVersion":"4.18.2+5d89682","logger":"OidcRestController","context":"OidcRestController"}I have double, triple checked that all of my settings are correct both on the plugin and in Authentik. I also have Unraid.net setup and that works perfectly with 0 errors.When I save the OIDC settings, the logs show successful discovery of all the endpoints and gives no errors, so I'm confident that the config is all correct.Edit: I should also mention that Authentik uses the issuer URL as https://auth.domain.com/application/o/unraid/ WITH the trailing '/'. Even though the Unraid docs and error message state to NOT include that, the discovery will error out unless it is included.When I inspect the JWT data, the value for the iss claim also includes the trailing '/'.This seems like an issue somewhere in Unraid where it's getting slightly different data than it's expecting. Edited September 4, 2025Sep 4 by cordlord add version info
September 5, 2025Sep 5 Author Solution Well, I guess nevermind cause another update came through and this issue was resolved.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.