OIDC token_type issue, Token type must be Bearer

ibrooes · November 8, 2021, 3:57pm

Hi, I am trying to setup OIDC Authentication. Open ID Connect Provider I am using sends id_token, access token, etc. All tokens are JWT. The issue I am facing is token_type field sent from Open ID Connect provider. The value of the field is 'jwt'. It seems that this caues issues with the authentication process since in logs on my deployment I get the following error:

Authentication to realm oidc1 failed - Failed to authenticate user with OpenID Connect (Caused by ElasticsearchSecurityException[Failed to exchange code for Id Token using the Token Endpoint. Unable to parse Token Response]; nested: ParseException[Token type must be Bearer]

Is there a way to configure my realm so that it accepts different values for token_type? Thanks

ibrooes · November 9, 2021, 9:22am

@Yang_Wang is it possible to adjust tcp_retries2 in Elastic on Azure managed service?

Yang_Wang · November 9, 2021, 10:31pm

Are you on Elastic Cloud? If that's the case, you should raise a support ticket for the issue which is better for collecting all necessary information and working out a solution.

system · December 7, 2021, 10:32pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
OIDC SocketTimeoutException Elasticsearch elastic-stack-security	3	560	November 8, 2021
Error while doing oidc - nested: ParseException[Missing JSON object member with key "token_type" Elasticsearch elastic-stack-security	4	2503	November 22, 2019
Possible bug in OIDC implementation Elasticsearch elastic-stack-security	4	401	September 5, 2019
Unable to login via oidc azure Elasticsearch elastic-stack-security	3	802	July 23, 2020
Authentication failed for an OpenID integration(oidc) Endpoint Security	1	407	October 3, 2023

OIDC token_type issue, Token type must be Bearer

Related topics