By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

OIDC Provider Couldn't retrieve verification key from your identity provider

0

I am trying to create Keycloak as an Identity Provider in the console but I am getting a "Could not connect to openid configuration of provider" when I click get thumbprint.

I am able to create the OIDC provider through the CLI, but when I try to do a AssumeRoleWithWebIdentity call, I get "couldn't retrieve verification key from your identity provider, please reference AssumeRoleWithWebIdentity documentation for requirements"

I have referenced https://forums.aws.amazon.com/thread.jspa?threadID=248411&tstart=0 and https://forums.aws.amazon.com/thread.jspa?messageID=600673

The jwks uri exists at the provider url appended with "/.well-known/openid-configuration". I am using self signed certs for Keycloak, and still not entirely sure whether this is okay.

I have also referenced https://forums.aws.amazon.com/thread.jspa?threadID=254423 and have tried with both wildcard and non-wildcard self signed certs.

Been stuck on this for a while, anyone have any insight? Thank you.

Topics
Security, Identity, & Compliance
Tags
AWS Identity and Access Management
Language
English
shxpark
asked 2 years ago438 views
1 Answer
0

I"m also facing the same problem with Keycloak(IDP). Has there any luck? Did you able to get through this issue?

rePost-User-5257879
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content