Troubleshooting the OAuth Proxy
Troubleshooting the OAuth proxy
To diagnose problems follow these steps:
Ensure the OAuth proxy deployment and pod are running in the proxy namespace
- Check the pod logs to ensure it is starting without errors
Ensure you can log in with the token as the service account and view the services in the target ACD namespace.
oc login https://api.yourserver.com:6443 --token <yourtoken> --insecure-skip-tls-verify=true- ensure your token is goodoc whoami- ensure you are the service accountoc get service merative-acd-acd -n ${acd_namespace}- In your ACD target namespace, ensure you can view the service as the service account user. If role binding is set up correctly, you will see the service info. If not, you will see an
Error from server (Forbidden).
- In your ACD target namespace, ensure you can view the service as the service account user. If role binding is set up correctly, you will see the service info. If not, you will see an
Check the proxy logs for access errors:
oc logs <pod> --namespace ${proxy_namespace}<pod>is the proxy pod name, for exampleproxy-749c996465-bt6zc${proxy_namespace}namespace where the proxy was installed
See Logging and Monitoring for more details.
Check the ACD instance logs for errors during request processing.
See Logging and Monitoring for more details.