+- Jellyfin Forum (https://forum.jellyfin.org)
+-- Forum: Support (https://forum.jellyfin.org/f-support)
+--- Forum: General Questions (https://forum.jellyfin.org/f-general-questions)
+--- Thread: Trying to authenticate and authorize through Authelia - group problem (/t-trying-to-authenticate-and-authorize-through-authelia-group-problem)
Trying to authenticate and authorize through Authelia - group problem - Wpq - 2024-09-23
I just configured Jellyfin to use Authelia as its SSO, I managed to get to the consent screen but I get an
Error. Check permissions. afterward.On the Jellyfin side, the relevant logs are (redacted data is
XXX)
2024-09-22T20:01:56.850957096Z [20:01:56] [INF] [3] Jellyfin.Plugin.SSO_Auth.Api.SSOController: SSO Controller initialized
2024-09-22T20:01:57.239342005Z [20:01:57] [WRN] [3] Jellyfin.Plugin.SSO_Auth.Api.SSOController: OpenID user 17ac7f06-XXX has one or more incorrect role claims: [{"Type": "amr", "Value": "pwd"}, {"Type": "amr", "Value": "otp"}, {"Type": "amr", "Value": "mfa"}, {"Type": "azp", "Value": "jellyfin"}, {"Type": "client_id", "Value": "jellyfin"}, {"Type": "jti", "Value": "e5b2d6c9-XXX"}, {"Type": "name", "Value": "wojtek"}, {"Type": "preferred_username", "Value": "XXX"}, {"Type": "sub", "Value": "17ac7f06XXX"}]. Expected any one of: ["jellyfin-users"]
What does that mean? The user I am connecting as has both
jellyfin-admins and jellyfin-users defined in Authelia.
RE: Trying to authenticate and authorize through Authelia - group problem - Wpq - 2024-09-24
See https://github.com/9p4/jellyfin-plugin-sso/discussions/211#discussioncomment-10728536 for the answer