Loading

Error 69: "Unable to Sign In" Occurs After Configured OpenID Connect with Keycloak

Publiceringsdatum: Feb 25, 2025
Beskrivning

Error 69: "Unable to Sign In" Occurs After Configured OpenID Connect with Keycloak.

After enabling enhanced OpenID logging, the following error can be found in vizportal log:

DEBUG com.tableausoftware.domain.user.openid.OpenIDConnectHelper - Received idp auth code, starting back-channel request to exchange it for an access token.
DEBUG com.tableausoftware.domain.user.openid.OpenIDConnectHelper - Exchanging authentication code for access token.
DEBUG com.tableausoftware.domain.user.openid.OpenIDConnectHelper - Parsing response.
WARN  com.tableausoftware.api.webclient.WebClientGetAuthenticationController - WebClientGetAuthenticationController failed during OpenID login attempt
com.tableausoftware.domain.exceptions.AuthenticationException: Parameter client_assertion_type is missing HTTPResponse: {"error_description":"Parameter client_assertion_type is missing","error":"invalid_client"} (errorCode=69)
 

 

Cause

Tableau Server does not currently support a signed Json Web Token instead of a secret.
Lösning

Option 1:
Make sure the Client authentication in Keycloak is set to "client ID and secret". For more information, please refer to the third-party links below

           https://www.keycloak.org/securing-apps/authz-client

Refer Client authentication

By default, there are three ways to authenticate the client: client ID and client secret, client authentication with signed JWT, or client authentication with signed JWT using client secret.


Option 2:
Make sure the vizportal.openid.client_authentication parameter is set to "client_secret_basic" (the Tableau default). For more information, please refer to Error 69: "Unable to Sign In".

  • tsm configuration set -k vizportal.openid.client_authentication -v client_secret_basic
  • tsm pending-changes apply


*Although we make every effort to ensure links to external websites are accurate, up to date, and relevant, Tableau cannot take responsibility for the accuracy or freshness of pages maintained by external providers. Contact the external site for answers to questions regarding its content.

Knowledge-artikelnummer

001496717

 
Laddar
Salesforce Help | Article