All users are disallowed with empty allowed_users

I have a JupyterHub following the Zero to JupyterHub with Kubernetes, using Keycloak for authentication.

Everything worked fine, until recently, when users were no authorized any more (they got 403 : Forbidden Sorry, you are not currently authorized to use this hub. Please contact the hub administrator.). I can circumvent this by manually authorizing them through hub.config.Authenticator.allowed_users in the helm config, but as far as I understand, leaving allowed_user empty should also work and simply authorize all authenticated user (which it did until recently).

Has anybody an idea what might be the issue? I’m using Helm chart version 3.0.3 with JupyterHub version 4.0.2, but everything worked well with the same versions before. Thank you for your help!

This was a breaking change to improve security in OAuthenticator- not everyone realised that for example using Github with no further restrictions would allow any GitHub user to log in by default
https://oauthenticator.readthedocs.io/en/stable/reference/changelog.html#breaking-changes
Setting OAuthenticator.allow_all to True should restore the old behaviour

Thank you very much! That was indeed it.