SVI/netbird
1
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2026-05-11 18:51:53 -04:00
Code Issues 3.0k Packages Projects Releases 10 Wiki Activity

Can't login to dashboard & connect new devices with Netbird 0.30/0.31 & Authentik 2024.10 #1401

New Issue
Open
opened 2025-11-20 05:29:40 -05:00 by saavagebueno · 9 comments
saavagebueno commented 2025-11-20 05:29:40 -05:00
Owner
Copy Link

Originally created by @mradermaxlol on GitHub (Nov 6, 2024).

Describe the problem

I have an installation of Netbird (with PostgreSQL 16.4 as db backend) running with rootless podman(-compose). It's been working fine since 0.28.something paired with Authentik 2024.8. That installation has survived a couple updates just fine. Authentik was configured as Netbird's selfhosting wiki page says.

Recently I've updated and restarted both Netbird and Authentik to 0.30.3 (and then to 0.31.0) and 2024.10, respectively. The dashboard stopped logging users in, displaying a "Unauthorized" message with a logout button. The IDM itself is just fine.
At the same time existing clients can (re)connect to this Netbird instance; initiating new log-ins (netbird up --admin-url $URL --management-url $URL) results in the following error being returned:
2024-11-06T10:10:35+03:00 WARN client/cmd/root.go:244: retrying Login to the Management service in 606.5454ms due to error rpc error: code = Unknown desc = no SSO provider returned from management. Please proceed with setting up this device using setup keys https://docs.netbird.io/how-to/register-machines-using-setup-keys

Rolling Netbird/Authentik back doesn't help at all. No errors to be found in the logs.
I think it might have something to do with the Authentik side of things. 2024.10 introduced a built-in captcha stage and opt-in token encryption. Maybe some inner workings have also been changed, but I haven't seen that in the changelogs.

Considering that rolling versions back doesn't help - could something in the database get messed up? I have to note that I've tried rolling Netbird back only from 0.30.Y ti 0.30.X, before the upgrade to 0.31.0. After the upgrade to 0.31.0 I haven't tried rolling back to 0.30.X, so no database issues should arise from that in particular.

To Reproduce

Steps to reproduce the behavior:

  1. Use latest Netbird (0.31.0; or try to upgrade from 0.30.0 first)
  2. Use latest Authentik (2024.10; or try to upgrade from 2024.08 first)
  3. Try to log into dashboard or connect a new device
  4. Experience the error described above

Expected behavior

Dashboard opens as normal. New logins happen as normal.

Are you using NetBird Cloud?

No, it's a self-hosted instance.

NetBird version

0.31.0

NetBird status -dA output:

None.

Do you face any (non-mobile) client issues?

Yes (new logins fail, existing logins work fine).

Screenshots

image

In the Network debugging section I can see a request to https://netbird.some.fqdn/api/users failing with HTTP code 401:
image

Additional context
Netbird and Authentik are hosted behind a reverse proxy. Could that be related? It worked fine before the upgrade, though.
Reverse proxy config:

server {
    include upstreams/upstreams_netbird.conf;

    listen 443 ssl;
    server_name netbird.some.fqdn;

    # https://stackoverflow.com/a/67805465
    client_header_timeout 1d;
    client_body_timeout 1d;

    # netbird-dashboard
    location / {
        include misc/headers.conf;
        include misc/proxy.conf;
        proxy_pass http://$upstream_netbird_dashboard;
    }

    # netbird-signal-grpc
    location /signalexchange.SignalExchange/ {
        grpc_read_timeout 1d;
        grpc_send_timeout 1d;
        grpc_socket_keepalive on;
        grpc_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        grpc_pass grpc://$upstream_netbird_signal_grpc;
    }

    # netbird-management
    location /api {
        include misc/headers.conf;
        include misc/proxy.conf;
        proxy_pass http://$upstream_netbird_management_http_grpc;
    }

    # netbird-management-grpc
    location /management.ManagementService/ {
        grpc_read_timeout 1d;
        grpc_send_timeout 1d;
        grpc_socket_keepalive on;
        grpc_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        grpc_pass grpc://$upstream_netbird_management_http_grpc;
    }

    # netbird-relay
    location /relay/ {
        include misc/headers.conf;
        include misc/proxy.conf;
        proxy_pass http://$upstream_netbird_relay/relay;
    }
}
Originally created by @mradermaxlol on GitHub (Nov 6, 2024). **Describe the problem** I have an installation of Netbird (with PostgreSQL 16.4 as db backend) running with rootless podman(-compose). It's been working fine since 0.28.something paired with Authentik 2024.8. That installation has survived a couple updates just fine. Authentik was configured as Netbird's selfhosting wiki page says. Recently I've updated and restarted both Netbird and Authentik to 0.30.3 (and then to 0.31.0) and 2024.10, respectively. The dashboard stopped logging users in, displaying a "Unauthorized" message with a logout button. The IDM itself is just fine. At the same time existing clients can (re)connect to this Netbird instance; initiating new log-ins (`netbird up --admin-url $URL --management-url $URL`) results in the following error being returned: `2024-11-06T10:10:35+03:00 WARN client/cmd/root.go:244: retrying Login to the Management service in 606.5454ms due to error rpc error: code = Unknown desc = no SSO provider returned from management. Please proceed with setting up this device using setup keys https://docs.netbird.io/how-to/register-machines-using-setup-keys` Rolling Netbird/Authentik back doesn't help at all. No errors to be found in the logs. I think it might have something to do with the Authentik side of things. 2024.10 introduced a built-in captcha stage and opt-in token encryption. Maybe some inner workings have also been changed, but I haven't seen that in the changelogs. Considering that rolling versions back doesn't help - could something in the database get messed up? I have to note that I've tried rolling Netbird back only from 0.30.Y ti 0.30.X, before the upgrade to 0.31.0. After the upgrade to 0.31.0 I **haven't** tried rolling back to 0.30.X, so no database issues should arise from that in particular. **To Reproduce** Steps to reproduce the behavior: 1. Use latest Netbird (0.31.0; or try to upgrade from 0.30.0 first) 2. Use latest Authentik (2024.10; or try to upgrade from 2024.08 first) 3. Try to log into dashboard or connect a new device 4. Experience the error described above **Expected behavior** Dashboard opens as normal. New logins happen as normal. **Are you using NetBird Cloud?** No, it's a self-hosted instance. **NetBird version** `0.31.0` **NetBird status -dA output:** None. **Do you face any (non-mobile) client issues?** Yes (new logins fail, existing logins work fine). **Screenshots** ![image](https://github.com/user-attachments/assets/14597b94-09f2-4a45-89ef-c5595b6fd5a5) In the Network debugging section I can see a request to `https://netbird.some.fqdn/api/users` failing with HTTP code 401: ![image](https://github.com/user-attachments/assets/05a55ec1-4de2-40cc-a470-2e38e801dc33) **Additional context** Netbird and Authentik are hosted behind a reverse proxy. Could that be related? It worked fine before the upgrade, though. Reverse proxy config: ``` server { include upstreams/upstreams_netbird.conf; listen 443 ssl; server_name netbird.some.fqdn; # https://stackoverflow.com/a/67805465 client_header_timeout 1d; client_body_timeout 1d; # netbird-dashboard location / { include misc/headers.conf; include misc/proxy.conf; proxy_pass http://$upstream_netbird_dashboard; } # netbird-signal-grpc location /signalexchange.SignalExchange/ { grpc_read_timeout 1d; grpc_send_timeout 1d; grpc_socket_keepalive on; grpc_set_header X-Forwarded-For $proxy_add_x_forwarded_for; grpc_pass grpc://$upstream_netbird_signal_grpc; } # netbird-management location /api { include misc/headers.conf; include misc/proxy.conf; proxy_pass http://$upstream_netbird_management_http_grpc; } # netbird-management-grpc location /management.ManagementService/ { grpc_read_timeout 1d; grpc_send_timeout 1d; grpc_socket_keepalive on; grpc_set_header X-Forwarded-For $proxy_add_x_forwarded_for; grpc_pass grpc://$upstream_netbird_management_http_grpc; } # netbird-relay location /relay/ { include misc/headers.conf; include misc/proxy.conf; proxy_pass http://$upstream_netbird_relay/relay; } } ```
saavagebueno added the waiting-feedbacktriage-needed labels 2025-11-20 05:29:40 -05:00
saavagebueno commented 2025-11-20 05:29:41 -05:00
Author
Owner
Copy Link

@stevo11811 commented on GitHub (Nov 6, 2024):

Commenting so i can track this, i installed 0.31 yesterday and while the existing clients worked any new clients would not work, if a client was disconnected and reconnected it would also fail. Due to the database changes i was forced to restore the entire virtual machine to downgrade.

EDIT: I suspect your downgrade issues are due to the database changes as noted in the github changelog "Because of a database migration where the setup-keys are being hashed, a downgrade is no longer possible without restoring a backup. So, testing and making"

@stevo11811 commented on GitHub (Nov 6, 2024): Commenting so i can track this, i installed 0.31 yesterday and while the existing clients worked any new clients would not work, if a client was disconnected and reconnected it would also fail. Due to the database changes i was forced to restore the entire virtual machine to downgrade. EDIT: I suspect your downgrade issues are due to the database changes as noted in the github changelog "Because of a database migration where the setup-keys are being hashed, a downgrade is no longer possible without restoring a backup. So, testing and making"
saavagebueno commented 2025-11-20 05:29:41 -05:00
Author
Owner
Copy Link

@mradermaxlol commented on GitHub (Nov 7, 2024):

EDIT: I suspect your downgrade issues are due to the database changes as noted in the github changelog "Because of a database migration where the setup-keys are being hashed, a downgrade is no longer possible without restoring a backup. So, testing and making"

I have explicitly noted that I have not tried downgrading from 0.31.0 to 0.30.X due to those very changes.

@mradermaxlol commented on GitHub (Nov 7, 2024): > EDIT: I suspect your downgrade issues are due to the database changes as noted in the github changelog "Because of a database migration where the setup-keys are being hashed, a downgrade is no longer possible without restoring a backup. So, testing and making" I have explicitly noted that I have **not** tried downgrading from 0.31.0 to 0.30.X due to those very changes.
saavagebueno commented 2025-11-20 05:29:41 -05:00
Author
Owner
Copy Link

@mradermaxlol commented on GitHub (Nov 8, 2024):

I tried dropping Netbird's PostgreSQL DB and dashboard & auth started working again. Diff'ing the original database with the fresh one got me nothing - things look normal, though the order of some keys has changed, e.g.:
(original DB)
-COPY public.setup_keys (id, account_id, key, name, type, created_at, expires_at, updated_at, revoked, used_times, last_used, auto_groups, usage_limit, ephemeral, key_secret) FROM stdin;

(fresh DB)
+COPY public.setup_keys (id, account_id, key, key_secret, name, type, created_at, expires_at, updated_at, revoked, used_times, last_used, auto_groups, usage_limit, ephemeral) FROM stdin;

Is this not normal?

@mradermaxlol commented on GitHub (Nov 8, 2024): I tried dropping Netbird's PostgreSQL DB and dashboard & auth started working again. Diff'ing the original database with the fresh one got me nothing - things look normal, though the order of some keys has changed, e.g.: (original DB) ```-COPY public.setup_keys (id, account_id, key, name, type, created_at, expires_at, updated_at, revoked, used_times, last_used, auto_groups, usage_limit, ephemeral, key_secret) FROM stdin;``` (fresh DB) ```+COPY public.setup_keys (id, account_id, key, key_secret, name, type, created_at, expires_at, updated_at, revoked, used_times, last_used, auto_groups, usage_limit, ephemeral) FROM stdin;``` Is this not normal?
saavagebueno commented 2025-11-20 05:29:41 -05:00
Author
Owner
Copy Link

@mradermaxlol commented on GitHub (Nov 8, 2024):

dashboard & auth started working again

Nevermind, only auth with setup keys got back up. Output of netbird up --admin-url https://netbird.some.fqdn --management-url https://netbird.some.fqdn:

WARN client/cmd/root.go:244: retrying Login to the Management service in 1.394506528s due to error rpc error: code = Unknown desc = no SSO provider returned from management. Please proceed with setting up this device using setup keys https://docs.netbird.io/how-to/register-machines-using-setup-keys
[...]
Error: login backoff cycle failed: rpc error: code = Unknown desc = no SSO provider returned from management. Please proceed with setting up this device using setup keys https://docs.netbird.io/how-to/register-machines-using-setup-keys

I can see the following in Netbird service logs while trying to auth a client:

WARN [context: GRPC, requestID: REQUEST_UUID, accountID: UNKNOWN, peerID: PEER_ID] management/server/grpcserver.go:426: failed logging in peer PEER_ID: no peer auth method provided, please use a setup key or interactive SSO login

Apparently, that happens when trying to connect a Linux client. Android client connect just fine, app redirects me to the SSO page correctly.

My compose.yml for Netbird is:

services:
  netbird-dashboard:
    image: netbirdio/dashboard:v2.7.0
    restart: always
    env_file: ../../env/netbird/netbird-dashboard.env
    logging:
      driver: none
    healthcheck:
      start_period: 5s
      timeout: 3s
      interval: 15s
      retries: 2
      test: "curl -f http://netbird-dashboard:80 || exit 1"
    networks:
      - dmz_reverse_proxy

  netbird-signal:
    image: netbirdio/signal:0.31.0
    restart: always
    # healthcheck:
      # start_period: 5s
      # timeout: 3s
      # interval: 15s
      # retries: 2
      # test: "ps aux | grep -v grep | grep -q netbird-signal || exit 1"
    volumes:
      - netbird-signal_data:/var/lib/netbird:Z,rw
    networks:
      - dmz_reverse_proxy

  netbird-management:
    image: netbirdio/management:0.31.0
    restart: always
    env_file: ../../env/netbird/netbird-management.env
    command: [
      "--port", "33073",
      "--metrics-port", "9090",
      "--log-file", "console",
      "--log-level", "warn",
      "--disable-single-account-mode=false",
      "--disable-anonymous-metrics=true",
      "--disable-geolite-update=true",
      "--single-account-mode-domain=netbird.ldap.domain",
      "--dns-domain=netbird.ldap.domain"
    ]
    depends_on:
      - netbird-dashboard
    healthcheck:
      start_period: 5s
      timeout: 3s
      interval: 15s
      retries: 2
      test: "ps aux | grep -v grep | grep -q netbird-mgmt || exit 1"
    volumes:
      - /mnt/containers/sockets/common:/mnt/sockets/common:z,rw
      - ./netbird_config/management.json:/etc/netbird/management.json:Z,rw
      - netbird-management_data:/var/lib/netbird:Z,rw
    networks:
      - dmz_reverse_proxy

  netbird-relay:
    image: netbirdio/relay:0.31.0
    restart: always
    env_file: ../../env/netbird/netbird-relay.env
    # healthcheck:
      # start_period: 5s
      # timeout: 3s
      # interval: 15s
      # retries: 2
      # test: "ps aux | grep -v grep | grep -q netbird-relay || exit 1"
    networks:
      - dmz_reverse_proxy

volumes:
  netbird-management_data:
  netbird-signal_data:

networks:
  dmz_reverse_proxy:
    external: true

netbird-dashboard.env:

# Endpoints
NETBIRD_MGMT_API_ENDPOINT=https://netbird.some.fqdn
NETBIRD_MGMT_GRPC_API_ENDPOINT=https://netbird.some.fqdn

# OIDC
AUTH_AUDIENCE=[CLIENT_ID]
AUTH_CLIENT_ID=[CLIENT_ID]
AUTH_CLIENT_SECRET=
AUTH_AUTHORITY=https://idm.some.fqdn/application/o/netbird/
USE_AUTH0=false
AUTH_SUPPORTED_SCOPES=openid profile email offline_access api
AUTH_REDIRECT_URI=
AUTH_SILENT_REDIRECT_URI=
NETBIRD_TOKEN_SOURCE=accessToken

# configuration for reverse-proxy-side SSL/TLS
NGINX_SSL_PORT=443
LETSENCRYPT_DOMAIN=
LETSENCRYPT_EMAIL=

netbird-management.env:

NETBIRD_STORE_ENGINE_POSTGRES_DSN=host=/mnt/sockets/common port=5432 user=NETBIRD_DB_USER password=NETBIRD_DB_USER_PASSWORD dbname=NETBIRD_DB

netbird-relay.env:

NB_LOG_LEVEL=warning
NB_LISTEN_ADDRESS=:20000
NB_EXPOSED_ADDRESS=rels://netbird.some.fqdn:443/relay
NB_AUTH_SECRET=[AUTH_SECRET]

EDIT: apparently, it's only my local machine that fails to connect. Deleting config.json and /var/lib/netbird does not help somehow. Will try to investigate a bit.

@mradermaxlol commented on GitHub (Nov 8, 2024): > dashboard & auth started working again Nevermind, only auth with setup keys got back up. Output of `netbird up --admin-url https://netbird.some.fqdn --management-url https://netbird.some.fqdn`: ``` WARN client/cmd/root.go:244: retrying Login to the Management service in 1.394506528s due to error rpc error: code = Unknown desc = no SSO provider returned from management. Please proceed with setting up this device using setup keys https://docs.netbird.io/how-to/register-machines-using-setup-keys [...] Error: login backoff cycle failed: rpc error: code = Unknown desc = no SSO provider returned from management. Please proceed with setting up this device using setup keys https://docs.netbird.io/how-to/register-machines-using-setup-keys ``` I can see the following in Netbird service logs while trying to auth a client: ``` WARN [context: GRPC, requestID: REQUEST_UUID, accountID: UNKNOWN, peerID: PEER_ID] management/server/grpcserver.go:426: failed logging in peer PEER_ID: no peer auth method provided, please use a setup key or interactive SSO login ``` Apparently, that happens when trying to connect a Linux client. Android client connect just fine, app redirects me to the SSO page correctly. My `compose.yml` for Netbird is: ```compose services: netbird-dashboard: image: netbirdio/dashboard:v2.7.0 restart: always env_file: ../../env/netbird/netbird-dashboard.env logging: driver: none healthcheck: start_period: 5s timeout: 3s interval: 15s retries: 2 test: "curl -f http://netbird-dashboard:80 || exit 1" networks: - dmz_reverse_proxy netbird-signal: image: netbirdio/signal:0.31.0 restart: always # healthcheck: # start_period: 5s # timeout: 3s # interval: 15s # retries: 2 # test: "ps aux | grep -v grep | grep -q netbird-signal || exit 1" volumes: - netbird-signal_data:/var/lib/netbird:Z,rw networks: - dmz_reverse_proxy netbird-management: image: netbirdio/management:0.31.0 restart: always env_file: ../../env/netbird/netbird-management.env command: [ "--port", "33073", "--metrics-port", "9090", "--log-file", "console", "--log-level", "warn", "--disable-single-account-mode=false", "--disable-anonymous-metrics=true", "--disable-geolite-update=true", "--single-account-mode-domain=netbird.ldap.domain", "--dns-domain=netbird.ldap.domain" ] depends_on: - netbird-dashboard healthcheck: start_period: 5s timeout: 3s interval: 15s retries: 2 test: "ps aux | grep -v grep | grep -q netbird-mgmt || exit 1" volumes: - /mnt/containers/sockets/common:/mnt/sockets/common:z,rw - ./netbird_config/management.json:/etc/netbird/management.json:Z,rw - netbird-management_data:/var/lib/netbird:Z,rw networks: - dmz_reverse_proxy netbird-relay: image: netbirdio/relay:0.31.0 restart: always env_file: ../../env/netbird/netbird-relay.env # healthcheck: # start_period: 5s # timeout: 3s # interval: 15s # retries: 2 # test: "ps aux | grep -v grep | grep -q netbird-relay || exit 1" networks: - dmz_reverse_proxy volumes: netbird-management_data: netbird-signal_data: networks: dmz_reverse_proxy: external: true ``` `netbird-dashboard.env`: ``` # Endpoints NETBIRD_MGMT_API_ENDPOINT=https://netbird.some.fqdn NETBIRD_MGMT_GRPC_API_ENDPOINT=https://netbird.some.fqdn # OIDC AUTH_AUDIENCE=[CLIENT_ID] AUTH_CLIENT_ID=[CLIENT_ID] AUTH_CLIENT_SECRET= AUTH_AUTHORITY=https://idm.some.fqdn/application/o/netbird/ USE_AUTH0=false AUTH_SUPPORTED_SCOPES=openid profile email offline_access api AUTH_REDIRECT_URI= AUTH_SILENT_REDIRECT_URI= NETBIRD_TOKEN_SOURCE=accessToken # configuration for reverse-proxy-side SSL/TLS NGINX_SSL_PORT=443 LETSENCRYPT_DOMAIN= LETSENCRYPT_EMAIL= ``` `netbird-management.env`: ``` NETBIRD_STORE_ENGINE_POSTGRES_DSN=host=/mnt/sockets/common port=5432 user=NETBIRD_DB_USER password=NETBIRD_DB_USER_PASSWORD dbname=NETBIRD_DB ``` `netbird-relay.env`: ``` NB_LOG_LEVEL=warning NB_LISTEN_ADDRESS=:20000 NB_EXPOSED_ADDRESS=rels://netbird.some.fqdn:443/relay NB_AUTH_SECRET=[AUTH_SECRET] ``` EDIT: apparently, it's only my local machine that fails to connect. Deleting `config.json` and `/var/lib/netbird` does not help somehow. Will try to investigate a bit.
saavagebueno commented 2025-11-20 05:29:41 -05:00
Author
Owner
Copy Link

@Spiritreader commented on GitHub (Nov 21, 2024):

I can reproduce your issue, authentik 2024.8.5 works fine, 2024.10.x fails.

Access to fetch at 'https://authentik.domain.org/application/o/netbird/.well-known/openid-configuration' 
from origin 'https://netbird.domain.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is 
present on the requested resource. 
If an opaque response serves your needs, set the request's mode to 'no-cors' 
to fetch the resource with CORS disabled.

Browser claims it's a cors issue, so I wonder if configuration changes in authentik are needed?

Update: Okay, never mind. The issue remains when reverting the Authentik version back to 2024.8.5

Update: Ok I resolved the cors issue, but now I'm also stuck at "Token invalid" with authentik 2024.8.6

Update: See https://github.com/netbirdio/netbird/issues/2941 for a workaround that most likely will resolve the issue.

@Spiritreader commented on GitHub (Nov 21, 2024): I can reproduce your issue, authentik 2024.8.5 works fine, 2024.10.x fails. ``` Access to fetch at 'https://authentik.domain.org/application/o/netbird/.well-known/openid-configuration' from origin 'https://netbird.domain.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled. ``` ~~Browser claims it's a cors issue, so I wonder if configuration changes in authentik are needed?~~ Update: Okay, never mind. The issue remains when reverting the Authentik version back to 2024.8.5 Update: Ok I resolved the cors issue, but now I'm also stuck at "Token invalid" with authentik 2024.8.6 Update: See https://github.com/netbirdio/netbird/issues/2941 for a workaround that most likely will resolve the issue.
saavagebueno commented 2025-11-20 05:29:41 -05:00
Author
Owner
Copy Link

@whirlthesquirrel commented on GitHub (Nov 27, 2024):

Are you using the password of the Netbird service account in Authentik? I was receiving the same error until I changed the password to be an "App password" token (Directory -> Tokens and App passwords) for the service account in Authentik instead.

@whirlthesquirrel commented on GitHub (Nov 27, 2024): Are you using the password of the Netbird service account in Authentik? I was receiving the same error until I changed the password to be an "App password" token (Directory -> Tokens and App passwords) for the service account in Authentik instead.
saavagebueno commented 2025-11-20 05:29:42 -05:00
Author
Owner
Copy Link

@ne0YT commented on GitHub (Dec 16, 2024):

this fixed it for me (1st part):

https://github.com/netbirdio/netbird/issues/1657#issuecomment-2127732511

@ne0YT commented on GitHub (Dec 16, 2024): this fixed it for me (1st part): https://github.com/netbirdio/netbird/issues/1657#issuecomment-2127732511
saavagebueno commented 2025-11-20 05:29:42 -05:00
Author
Owner
Copy Link

@nazarewk commented on GitHub (Apr 28, 2025):

Hello @mradermaxlol,

We're currently reviewing our open issues and would like to verify if this problem still exists in the latest NetBird version.

Could you please confirm if the issue is still there?

We may close this issue temporarily if we don't hear back from you within 2 weeks, but feel free to reopen it with updated information.

Thanks for your contribution to improving the project!

@nazarewk commented on GitHub (Apr 28, 2025): Hello @mradermaxlol, We're currently reviewing our open issues and would like to verify if this problem still exists in the [latest NetBird version](https://github.com/netbirdio/netbird/releases). Could you please confirm if the issue is still there? We may close this issue temporarily if we don't hear back from you within **2 weeks**, but feel free to reopen it with updated information. Thanks for your contribution to improving the project!
saavagebueno commented 2025-11-20 05:29:42 -05:00
Author
Owner
Copy Link

@scr4tchy commented on GitHub (Jun 1, 2025):

FWIW I cannot use Authentik - 401s after login.

Also, the docs still ask to create a service account and configure NETBIRD_IDP_MGMT_EXTRA_USERNAME / ``NETBIRD_IDP_MGMT_EXTRA_PASSWORD` while those variables are clearly not used in the code anymore..

So clearly something is off here.

@scr4tchy commented on GitHub (Jun 1, 2025): FWIW I cannot use Authentik - 401s after login. Also, the docs still ask to create a service account and configure `NETBIRD_IDP_MGMT_EXTRA_USERNAME` / ``NETBIRD_IDP_MGMT_EXTRA_PASSWORD` while those variables are clearly not used in the code anymore.. So clearly something is off here.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
2021 Q4
2022 Q1
2022 Q1
accessibility
acl
agent
agent
Android
Android
api
authentik
automation
azure
battery-usage
bug
cache
client
client-ui
cloud
cloud-only
cloudflare
community
compatibility
config-idp
config-issue
connection
contribution
coturn
cross-vpn
dashboard
data-usage
distribution
dns
docker
documentation
duplicate
enhancement
enhancement
event-stream
feature-request
freebsd
getting-started
go
good first issue
gui
help wanted
home-assistant
idp
inconsistency
integration
integrations
ios
ipv6
jwt
k8s
keycloak
linux
login
macos
management-service
missing-docs
mobile
moved-internal
needs-review
netbird-ui
networking
new-platform
nginx
notification
okta
openwrt
packaging
peer-management
peer-management
peer-management
performance
postgres
posture-checks
psk
pull-request
Mirrored from GitHub Pull Request
 question
refactor
relay
release
rfc
routes
security
security-related
self-hosting
server
signal
sleep-issue
ssh
ssl
status
store
synology
system-compatibility-issue
test-suite
third-party-integration
triage
triage-needed
troubleshooting
UX
waiting-feedback
windows
wontfix
zitadel
No Label triage-needed waiting-feedback
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
saavagebueno
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: SVI/netbird#1401
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?