You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There is a bug where datasources are being authenticated against a specific authentication provider configuration, instead of automatically inheriting the authentication context from the user's login session.
Expected Behavior
Datasources should automatically inherit authentication from the user's login session and should not be tied to a specific authentication configuration.
Steps to reproduce
Log in as admin and create two generic OAuth providers (in our case, Keycloak), each representing a different realm.
Log out and log in using one of the two generic providers.
Create a datasource and set Authentication Type to OAuth2.0 (Inherit from login) and User Authentication Source to GENERIC.
Now log out and log in with the other generic provider.
Observe that the datasource is linked to a specific authentication provider configuration, instead of inheriting the authentication from the login session.
If this datasource is used by an application, it triggers the following error because it is linked to the first generic OAuth provider, rather than the one we are currently authenticated with.
Environment
Lowcoder version 2.4.10 is affected, but it's likely that the issue also impacts the latest version.
mode: ENTERPRISE
Additional Information
We use Keycloak as the OAuth provider to authenticate across multiple Keycloak realms. However, since Lowcoder doesn’t support multiple Keycloak providers, we had to configure separate generic OAuth providers, each representing a different Keycloak realm.
The text was updated successfully, but these errors were encountered:
Is there an existing issue for this?
Current Behavior
There is a bug where datasources are being authenticated against a specific authentication provider configuration, instead of automatically inheriting the authentication context from the user's login session.
Expected Behavior
Datasources should automatically inherit authentication from the user's login session and should not be tied to a specific authentication configuration.
Steps to reproduce
OAuth2.0 (Inherit from login)and User Authentication Source toGENERIC.Environment
Lowcoder version 2.4.10 is affected, but it's likely that the issue also impacts the latest version.
mode: ENTERPRISE
Additional Information
We use Keycloak as the OAuth provider to authenticate across multiple Keycloak realms. However, since Lowcoder doesn’t support multiple Keycloak providers, we had to configure separate generic OAuth providers, each representing a different Keycloak realm.
The text was updated successfully, but these errors were encountered: