SSO Setup isn't working even after following documentation

Help
,
1

Suggested template:

Problem/Question

I am running a self-hosted instance of authentik v2025.8.0 which provides OAuth2/OpenID Provider support for SSO logins. This solution has worked wonders for my organization, however, when attempting to deploy SSO for netdata with both OIDC and SCIM options enabled, I keep getting an internal server error similar to this post’s comment.

Relevant docs you followed/actions you took to solve the issue

Followed the following doc pages.

Double-checked secrets and client IDs with multiple recreations.

Tried looking all over the internet.

Environment/Browser/Agent’s version etc

Authentik version: 2025.8.0

Using Netdata Cloud

Only one agent deployed with the version being: v2.7.1

What I expected to happen

When logging in, SCIM will automaticity provision the user and login them in through OIDC.

2

hi @hyerland , thanks for reaching out.

could you send me by DM your space id?

best,

Juan

3

Hi Juan,

I don’t see a clear method of DMing you on the platform? How would I do that?

Thanks,

Adam

4

you can click on my avatar, and click “Message”

5

There is no button showing, I’m assuming it’s a spam protection since I created this forum account very recently.

6

send it to me at juan@netdata.cloud

7

ok, got it, thank you

8

hi @hyerland

Seems Authentik is generating very long client secrets that were being truncated in Netdata UI during OIDC integration configuration.

We’ve released a fix to accept longer secrets. Please reconfigure your OIDC credentials in Netdata. Make sure to copy the complete client secret from Authentik (check that nothing is cut off when pasting).

Please, let us know if this resolves the authentication issues.

Best,

Juan

1 Like
9

Logging in with SSO now works, however, the user is created but isn’t added to the Comfora space, I do have SCIM enabled and SCIM is working on authentik’s end but isn’t being applied properly by Netdata.

I did see that there’s a group tab in user management, but I’m unable to proceed as the first fillable field shows nothing, and I’m unable to add anything. All the other fields work.

image
image1629×124 5.98 KB

10

For memberships to be created automatically, you need to push Authentic groups to Netdata. Here’s how the process works:

  1. Push groups to Netdata - Your Authentic groups must first be provisioned in Netdata

  2. Create membership rules - Once groups are provisioned, navigate to the Groups tab where you can map your SCIM groups to existing rooms and roles

  3. Automatic evaluation - Rules are evaluated immediately upon creation, so members of the groups will be associated to the specific rooms with the specific role depending on the existing rules.

here you can find more information about how membership rules work.

I’ve reviewed your SCIM data and, while Authentic has provisioned one SCIM user, no SCIM groups have been provisioned yet. This is why you’re unable to create membership rules in the Groups tab.

To resolve this, you’ll need to push your Authentic groups to Netdata before you can configure membership rules.

11

Alright I believe the issue is resolved, many thanks.