You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
export VAULT_ADDR="https://vault.org.tld"
vault login -no-print -method=oidc role=dev
Error authenticating: redirect would cause protocol downgrade
I tried cURLing to the endpoint and I can see the response from upstream is HTTP 307 as it redirects to /ui which is the default behaviour. So, I don't think I can set export VAULT_DISABLE_REDIRECTS=true as that is undesirable.
Expected behavior
Is there a way for the redirect to happen and the protocol be downgraded? As this was working fine before and is a sudden breaking change in 1.21 so I am hoping for a fix!
The text was updated successfully, but these errors were encountered:
Ah, somehow the Vault instance were using old peers in my cluster config and that was resulting in this error. I checked vault logs and found this issue.
Can be closed, although this error message was weird and let me into believing something client side has changed.
Describe the bug
A clear and concise description of what the bug is.
This command used to work before v1.21.1 was released:
vault login -no-print -method=oidc role=dev
Going through the release notes, I think this is related to this change #17352
To Reproduce
I've the following URLs for Gitlab OIDC'S
Redirect URI
:On using
vault login
, I get the following error:I tried cURLing to the endpoint and I can see the response from upstream is HTTP 307 as it redirects to
/ui
which is the default behaviour. So, I don't think I can setexport VAULT_DISABLE_REDIRECTS=true
as that is undesirable.Expected behavior
Is there a way for the redirect to happen and the protocol be downgraded? As this was working fine before and is a sudden breaking change in 1.21 so I am hoping for a fix!
The text was updated successfully, but these errors were encountered: