Hi @vinothkumar,
This error indicates that the Identity component is missing a required client secret configuration for orchestration. This is a common issue in Camunda 8.8.5, particularly when using Helm deployments.
Classification: Problem
Root Cause
The ClientInitializationService in Identity fails when required client secrets are missing or empty. Based on similar cases, this is typically caused by missing orchestration client secret configuration.
Solution
You need to configure the orchestration client secrets in your values.yaml file using the new 8.8+ secret structure:
1. Orchestration OIDC Client Secret
orchestration:
security:
authentication:
oidc:
secret:
# For non-production (choose one):
inlineSecret: "your-orchestration-client-secret"
# OR for production:
existingSecret: "your-k8s-secret-name"
existingSecretKey: "orchestration-secret-key"
2. Orchestration Migration Identity Client Secret (if using external IdP/OIDC)
orchestration:
migration:
identity:
clientId: your-migration-client-id
secret:
inlineSecret: "your-migration-client-secret"
# OR use existingSecret/existingSecretKey pattern
Steps to Fix
- Check your current
values.yamlfor theorchestration.security.authentication.oidc.secret.*andorchestration.migration.identity.secret.*configurations - Ensure you’re using the 8.8+ secret pattern with the
secret: { inlineSecret | existingSecret | existingSecretKey }structure - Verify referenced Kubernetes Secrets exist and contain the expected values
- Redeploy using
helm upgradeafter updating your values
Additional Information Needed
To provide more specific guidance, could you please share:
- Your current
values.yamlconfiguration for the orchestration sections mentioned above - The complete Identity error logs
- Whether you’re using external OIDC/Keycloak integration
References
Let me know if you need help with the specific configuration once you share your current setup!