Issues connecting Immich to Jumpcloud via Oauth/OIDC, Cannot Login
Hi everyone!
I've setup Immich to authenticate against Jumpcloud using the oauth functionality built-in to immich. I ran a problem immediately as Jumpcloud only allows for https redirect URIs, so I setup Zoraxy as a reverse proxy to redirect https://immich.mydomain.com -> 192.168.3.174:2283.
After this, logging in w/ OAuth would send to me Jumpcloud then back to Immich login etc, and the F12 menu seemed to show that Immich was expectingJumpcloud to be using the "Basic" client authentication type. I recreated the app in Jumpcloud, chose "Login with OAuth" in Immich, and now I get a "failed to finish oauth" error message. I get a similar error if I try to link my account to Oauth. I've attached the error I get in the Docker logs when doing either of these options. I can see these requests go back and forth in the F12 -> Network menu in a web browser. It goes to Jumpcloud, authenticates me correctly, then sends me back to Immich but it fails there. If there is something specific I can send from the F12 menu let me know.
I've also attached screenshots of my OAuth config in Immich and Jumpcloud, and the docker-compose.yml. This is a fresh install of Debian 12, so it shouldn't have any custom .env variables. I didn't see anything in /etc/environment or .bashrc. The default is in .profile, see the attached .txt. Also, in the Immich oauth config screenshot you'll see profile signing algo is empty. I just did that as a test to see if it would say what the default is, I thought I put it in manually.
Edit, I tried this with a different account in jumpcloud to see if it would create a new account in Immich and let me in that way, but that didn't work either.
Let me know what else I can send over.
I've setup Immich to authenticate against Jumpcloud using the oauth functionality built-in to immich. I ran a problem immediately as Jumpcloud only allows for https redirect URIs, so I setup Zoraxy as a reverse proxy to redirect https://immich.mydomain.com -> 192.168.3.174:2283.
After this, logging in w/ OAuth would send to me Jumpcloud then back to Immich login etc, and the F12 menu seemed to show that Immich was expectingJumpcloud to be using the "Basic" client authentication type. I recreated the app in Jumpcloud, chose "Login with OAuth" in Immich, and now I get a "failed to finish oauth" error message. I get a similar error if I try to link my account to Oauth. I've attached the error I get in the Docker logs when doing either of these options. I can see these requests go back and forth in the F12 -> Network menu in a web browser. It goes to Jumpcloud, authenticates me correctly, then sends me back to Immich but it fails there. If there is something specific I can send from the F12 menu let me know.
I've also attached screenshots of my OAuth config in Immich and Jumpcloud, and the docker-compose.yml. This is a fresh install of Debian 12, so it shouldn't have any custom .env variables. I didn't see anything in /etc/environment or .bashrc. The default is in .profile, see the attached .txt. Also, in the Immich oauth config screenshot you'll see profile signing algo is empty. I just did that as a test to see if it would say what the default is, I thought I put it in manually.
Edit, I tried this with a different account in jumpcloud to see if it would create a new account in Immich and let me in that way, but that didn't work either.
Let me know what else I can send over.
new_9.txt168B
