Hello,
I installed Camunda using the Helm chart on OpenShift. I used an existing Keycloak, with the following global config:
## @extra global.identity.auth configuration, to configure identity authentication setup
auth:
  ## @param global.identity.auth.enabled if true, enables the identity authentication otherwise basic-auth will be used on all services.
  enabled: true
  # @param global.identity.auth.issuer defines the issuer name, which is used by the services to validate the JWT tokens.
  issuer: "https://keycloak-keycloak.apps.lab/auth/realms/camunda-platform"
  # @param global.identity.auth.issuerBackendUrl defines the issuer backend URL, which is used by the services to validate the JWT tokens in a container to container context.
  issuerBackendUrl: "https://keycloak-keycloak.apps.lab/auth/realms/camunda-platform"
  # @param global.identity.auth.tokenUrl defines the token URL, which is used by the services to request JWT tokens.
  tokenUrl: "https://keycloak-keycloak.apps.lab/auth/realms/camunda-platform/protocol/openid-connect/token"
  # @param global.identity.auth.jwksUrl defines the JWKS URL, which is used by the services to validate the JWT tokens.
  jwksUrl: "https://keycloak-keycloak.apps.lab/auth/realms/camunda-platform/protocol/openid-connect/certs"
  # @param global.identity.auth.type defines the type of authentication which should be used. Defaults to Keycloak
  type: "KEYCLOAK"
All the pods start successfully, except for Operate and Tasklist.
After changing the log level in Operate, I can see that Operate is able to get a token but not able to parse it:
2024-08-23 12:09:03.658 DEBUG 7 --- [-worker-ELG-1-2] i.g.n.NettyClientHandler : [id: 0x128789e9, L:/10.128.6.202:55830 - R:camunda-zeebe-gateway/172.30.183.144:26500] OUTBOUND DATA: streamId=2719315 padding=0 endStream=true length=5 bytes=0000000000
2024-08-23 12:09:03.658 DEBUG 7 --- [-worker-ELG-1-2] i.g.n.NettyClientHandler : [id: 0x128789e9, L:/10.128.6.202:55830 - R:camunda-zeebe-gateway/172.30.183.144:26500] INBOUND HEADERS: streamId=2719315 headers=GrpcHttp2ResponseHeaders[:status: 200, content-type: application/grpc, grpc-status: 16, grpc-message: Failed to parse bearer token, see cause for details] padding=0 endStream=true
As for Tasklist, the pod is hanging with the following message:
INFO 7 --- [ main] i.c.t.e.ILMPolicyUpdateElasticSearch : Removing ILM policy to all existent indices
There is no additional info when trying to change the log level (only one repeating message).
I tried to decode the token to check the audience and expiry date; I found nothing weird. Can you help me find a solution? Thanks
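
The claim check mentioned in the post (issuer, audience, expiry), as an added example that is not part of the original post: it decodes a token's header and payload without verifying the signature and compares `iss` with the `issuer` value from the configuration above. The function names and the sample token are constructed for illustration.

```python
import base64
import json
import time

# Issuer from the values above (global.identity.auth.issuer).
CONFIGURED_ISSUER = "https://keycloak-keycloak.apps.lab/auth/realms/camunda-platform"


def encode_segment(obj):
    """base64url-encode a JSON object without padding, as JWT segments are."""
    raw = json.dumps(obj, separators=(",", ":")).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def decode_segment(segment):
    """Decode one JWT segment, restoring the stripped base64 padding."""
    obj = json.loads(base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4)))
    if not isinstance(obj, dict):
        raise ValueError("segment is not a JSON object")
    return obj


def inspect_token(token, issuer=CONFIGURED_ISSUER, now=None):
    """Return (claims, findings). Structure and claims only, no signature check."""
    parts = token.strip().split(".")
    if len(parts) != 3:
        return None, ["expected 3 dot-separated segments, got %d" % len(parts)]
    try:
        header, claims = decode_segment(parts[0]), decode_segment(parts[1])
    except ValueError as exc:  # bad base64, bad UTF-8 and bad JSON all land here
        return None, ["segment not decodable: %s" % exc]
    now = time.time() if now is None else now
    findings = []
    if header.get("alg") in (None, "none"):
        findings.append("header has no usable alg")
    if claims.get("iss") != issuer:
        findings.append("iss %r differs from configured issuer" % claims.get("iss"))
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)):
        findings.append("exp missing or not numeric")
    elif exp <= now:
        findings.append("token expired")
    if "aud" not in claims:
        findings.append("no aud claim")
    return claims, findings


# Constructed sample: unsigned token whose issuer lacks the /auth path segment.
SAMPLE = ".".join([
    encode_segment({"alg": "RS256", "typ": "JWT", "kid": "constructed-key-id"}),
    encode_segment({"iss": "https://keycloak-keycloak.apps.lab/realms/camunda-platform",
                    "aud": "constructed-audience", "exp": 2000000000}),
    "c2lnbmF0dXJl",
])
```

An empty findings list only means the structure and these claims look consistent; the signature still has to be validated against the keys served at the `jwksUrl`.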