HTTP 403: Ip Forbidden error when authenticating against Keycloak server

kmarkie · February 1, 2021, 12:18pm

Hi,

I’m new to Jupyterhub and I’m trying to configure it to use a Keycloak server for authentication.

This is my config.yaml:

proxy:
  secretToken: "<secret token>"
  service:
    loadBalancerIP: <ip address>
    
hub:
  config:
    Authenticator:
      auto_login: true
      enable_auth_state: true
    CryptKeeper:
      keys:
        - <key>
    GenericOAuthenticator:
      client_id: s2r-jupyterhub
      client_secret: <client secret>
      oauth_callback_url: http://<ip address>/hub/oauth_callback
      authorize_url: https://<keycloak url>/auth/realms/<realm>/protocol/openid-connect/auth
      token_url: https://<keycloak url>/auth/realms/<realm>/protocol/openid-connect/token
      userdata_url: https://<keycloak url>/auth/realms/<realm>/protocol/openid-connect/userinfo
      login_service: keycloak
      username_key: preferred_username
      userdata_params:
        state: state
    JupyterHub:
      authenticator_class: generic-oauth

However, after being directed to Keycloak then logging in and being redirected back to Jupyterhub, I am receiving this error:

The hub log says this:

Any help or pointers would be greatly appreciated

kmarkie · February 2, 2021, 10:28am

This was an issue on Keycloaks side, needed to add an entry to the firewall for the application.

Topic		Replies	Views
How to use keycloak to sign into JupyterHub? Zero to JupyterHub on Kubernetes help-wanted	1	4334	February 7, 2021
Keycloak identity management: 500 : Internal Server Error Zero to JupyterHub on Kubernetes	8	8282	December 24, 2021
JupyterHub and Keycloak on localhost? Zero to JupyterHub on Kubernetes help-wanted	8	1183	February 28, 2023
Binderhub oauth(keycloak) setup BinderHub	6	442	November 27, 2023
Jupyterhub-keycloak: login succeeds, spawn fails with auth_state None JupyterHub	1	565	March 8, 2022

HTTP 403: Ip Forbidden error when authenticating against Keycloak server

Related Topics