Google OpenID SSO Login Error

Great project!

Just got it up and running and only have the admin account. I set up SSO with Google OpenID but when I try to login with google, I receive the error “OpenIDConnect Error: not_found”. I looked at the firezone, caddy, and postgres logs but they were unhelpful. The firezone log did show the same error but nothing additional that was useful. I’ve tried it with Auto Create Users both on and off and receive the same error.

Is it because I’m logging in as the admin user which is the same email as my google email?

Hello @smcan, what if your Firezone version? I think it’s due to a bug that was fixed yesterday: 0.7.5 - Next problems with SAML auth (Google) · Issue #1362 · firezone/firezone · GitHub

Also, please make sure that ID of your configuration is not saml, it’s a reserved word and you should not be able to create such config in 0.7.6

version is 0.7.6. Not using SAML but OpenID. The word SAML is not in any of my configuration.

Oh, sorry. The same issue could happen with OpenID Connect config if you give it an id oidc. Additionally, you can get this error if the callback URL is not configured properly on the Google end (eg. it points to a wrong config ID).

Using the following from the documentation (but with my actual domain):

Is there something else that is supposed to be a part of the URL?

Ohhh, I think I see. I’m supposed to replace the word google in the URL with my config id?

Yes, you need to replace it :slight_smile:

That was it. You gave me enough hint to figure it out. Thanks!

You are welcome, enjoy Firezone!