Configuring Authentik OIDC
Getting the following error after configuring Authentik authentication as per the wiki. I don't really have any idea what it's trying to tell me.
[Nest] 216 - 01/30/2025, 1:04:05 PM ERROR [Api:OAuthRepository~vv7kzb3j] Error in OAuth discovery: SyntaxError: Unexpected token '<', "<!doctype "... is not valid JSON
[Nest] 216 - 01/30/2025, 1:04:05 PM ERROR [Api:OAuthRepository~vv7kzb3j] SyntaxError: Unexpected token '<', "<!doctype "... is not valid JSON
at JSON.parse (<anonymous>)
at IncomingMessage.get (/app/immich/server/node_modules/openid-client/lib/helpers/request.js:156:30)
at processResponse (/app/immich/server/node_modules/openid-client/lib/helpers/process_response.js:55:25)
at Issuer.discover (/app/immich/server/node_modules/openid-client/lib/issuer.js:152:18)
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
at async OAuthRepository.getClient (/app/immich/server/dist/repositories/oauth.repository.js:57:28)
at async OAuthRepository.authorize (/app/immich/server/dist/repositories/oauth.repository.js:27:24)
at async AuthService.authorize (/app/immich/server/dist/services/auth.service.js:131:21)
15 Replies
:wave: Hey @Spinnich,
Thanks for reaching out to us. Please carefully read this message and follow the recommended actions. This will help us be more effective in our support effort and leave more time for building Immich :immich:.
References
- Container Logs:
docker compose logs docs
- Container Status: docker ps -a docs
- Reverse Proxy: https://immich.app/docs/administration/reverse-proxy
- Code Formatting https://support.discord.com/hc/en-us/articles/210298617-Markdown-Text-101-Chat-Formatting-Bold-Italic-Underline#h_01GY0DAKGXDEHE263BCAYEGFJAChecklist
I have...
1. :blue_square: verified I'm on the latest release(note that mobile app releases may take some time).
2. :blue_square: read applicable release notes.
3. :blue_square: reviewed the FAQs for known issues.
4. :blue_square: reviewed Github for known issues.
5. :blue_square: tried accessing Immich via local ip (without a custom reverse proxy).
6. :blue_square: uploaded the relevant information (see below).
7. :blue_square: tried an incognito window, disabled extensions, cleared mobile app cache, logged out and back in, different browsers, etc. as applicable
(an item can be marked as "complete" by reacting with the appropriate number)
Information
In order to be able to effectively help you, we need you to provide clear information to show what the problem is. The exact details needed vary per case, but here is a list of things to consider:
- Your docker-compose.yml and .env files.
- Logs from all the containers and their status (see above).
- All the troubleshooting steps you've tried so far.
- Any recent changes you've made to Immich or your system.
- Details about your system (both software/OS and hardware).
- Details about your storage (filesystems, type of disks, output of commands like
fdisk -l and df -h).
- The version of the Immich server, mobile app, and other relevant pieces.
- Any other information that you think might be relevant.
Please paste files and logs with proper code formatting, and especially avoid blurry screenshots.
Without the right information we can't work out what the problem is. Help us help you ;)
If this ticket can be closed you can use the /close command, and re-open it later if needed.GitHub
immich-app immich · Discussions
Explore the GitHub Discussions forum for immich-app immich. Discuss code, ask questions & collaborate with the developer community.
FAQ | Immich
User
GitHub
Issues · immich-app/immich
High performance self-hosted photo and video management solution. - Issues · immich-app/immich
You'll probably need to post screenshots of your configuration, some URLs wrong
Like this?
And immich? Also are you logging into immich via domain?
Do you have a proxy inbetween in which you perhaps forgot to disable the simple auth? 😛
I do have a domain, and use a subdomain of immich.mydomain.com essentially.
I have NGINX Proxy Manager but it hasn't been a problem for Immich before this point.
Pretty sure that issuer url is wrong
Let me check mine when I get back to my desk
I pulled it right from the wiki, but maybe?
It's an Authentik URL
not an immich URL
Check the provider metadata tab
Oh you're right, I'm a dummy. Yeah that needs to be authentik.mydomain.com.... not immich.mydomain.com...
https://authentik.domain.com/application/o/immich/
Should be something like that
Yup
One moment, I bet that fixes it.
Yeah that did it. Browser and mobile app are working great now. 😮💨
Thank you for the help everyone! I just overlooked it because of how the wiki example was syntaxed.