OIDC - Microsoft ADFS #1474

Closed
opened 2026-04-05 19:30:02 +02:00 by MrUnknownDE · 0 comments
Owner

Originally created by @manelmolinaig on 5/19/2025

I would like to use ADFS as IdP, but the callback is not working properly. I can enter credentials on my ADFS login page, but when the browser goes back to Pangolin, I get this error:

Image

IdP Settings:

Authorization URL: https://FQDN/adfs/oauth2/authorize/
Token URL: https://FQDN/adfs/discovery/keys
Token Configuration: on identifier path I tried to use: sub, preferred_username and samaccountname (according to adfs claims)
Callback URL: https://FQDN/auth/idp/1/oidc/callback

Error from docker logs:


```
2025-05-19T12:17:57.045Z [error]: Unexpected error response
Stack: Error: Unexpected error response
    at sendTokenRequest (file:///app/node_modules/arctic/dist/request.js:74:11)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async OAuth2Client.validateAuthorizationCode (file:///app/node_modules/arctic/dist/client.js:66:24)
    at async gg (file:///app/dist/server.mjs:31:139872) {"status":405}
```


ADFS Claims:

Image

From the docker container terminal, using wget, I can reach ADFS.
I'm on version 1.4.

Any idea?
Thanks!
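
A check that can be run on IdP settings like the ones reported above: compare each configured URL with the endpoint the provider's OIDC discovery document advertises for that role. This is an added example, not code from Pangolin, arctic or the reporter; the discovery document is a constructed sample using the standard metadata field names and the usual ADFS paths, `adfs.example.test` is a placeholder host, and `checkIdpSettings` is a hypothetical helper.

```javascript
// Constructed sample of an OIDC discovery document (standard metadata field
// names, usual ADFS paths); adfs.example.test is a placeholder host.
const sampleDiscovery = {
  issuer: "https://adfs.example.test/adfs",
  authorization_endpoint: "https://adfs.example.test/adfs/oauth2/authorize/",
  token_endpoint: "https://adfs.example.test/adfs/oauth2/token/",
  jwks_uri: "https://adfs.example.test/adfs/discovery/keys",
};

// Settings shaped like those in the report, with the placeholder host.
const reportedSettings = {
  authorizationUrl: "https://adfs.example.test/adfs/oauth2/authorize/",
  tokenUrl: "https://adfs.example.test/adfs/discovery/keys",
};

// Compare on origin + path only; a trailing slash is not a real difference.
function normalise(url) {
  const u = new URL(url);
  return u.origin + u.pathname.replace(/\/+$/, "");
}

// Name of the discovery field a URL corresponds to, or null if none.
function roleOf(url, discovery) {
  const target = normalise(url);
  for (const [field, value] of Object.entries(discovery)) {
    const isUrl = typeof value === "string" && /^https?:\/\//.test(value);
    if (isUrl && normalise(value) === target) return field;
  }
  return null;
}

// Hypothetical helper: one finding per setting that misses its endpoint.
function checkIdpSettings(settings, discovery) {
  const expected = { authorizationUrl: "authorization_endpoint", tokenUrl: "token_endpoint" };
  const findings = [];
  for (const [setting, field] of Object.entries(expected)) {
    const configured = settings[setting];
    if (normalise(configured) === normalise(discovery[field])) continue;
    // jwks_uri serves signing keys over GET; the authorization-code exchange
    // is a POST to token_endpoint, so a mix-up fails at the callback step.
    const actual = roleOf(configured, discovery);
    const problem = actual ? `points at ${actual}, not ${field}` : `does not match ${field}`;
    findings.push({ setting, configured, expected: discovery[field], problem });
  }
  return findings;
}

console.log(checkIdpSettings(reportedSettings, sampleDiscovery));
```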

Reference: github/pangolin#1474