Skip to content

Must be logged into server, OIDC authenticator #1453

New issue
New issue
Open
Open
Must be logged into server, OIDC authenticator#1453
@A-Crawford

Description

@A-Crawford
A-Crawford
opened on Nov 24, 2025

Hello,

I am attempting to use Kube Login with Gitlab (self hosted) for OIDC.

I have managed to get KubeLogin opening Gitlab and returning a token, however any requests to the Kube API return 401: You must be logged into the server (Unauthorised)

I have looked at the logs for the Kube API and receive this error repeatedly

oidc authenticator: initializing plugin: Get "https://gitlab.com/.well-known/openid-configuration": tls: failed to verify certificate: x509: certificate signed by unknown authority

The gitlab self hosted server (URL replaced with standard 'GitLab' URL for privacy) has insecure TLS certificates which I have no control over. I have been able to use the flag --insecure-skip-tls-verify=true in the KubeLogin setup and consequent Kubeconfig however this doesn't resolve the failed login to the server itself.

Do you have any recommendations?

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions