Admin Portal Setup

Support
1

We are trying to deploy admin portal 1.2.0.1 with admin service 1.2.0.1.

Keycloak is well configured with the user with the global admin role

When we go to the portal, it redirects to keycloak for the authentication and after that whe have this error in the browser

{
“id”: null,
“version”: null,
“responsetime”: “2025-01-23T09:44:44.172Z”,
“metadata”: null,
“response”: null,
“errors”: [
{
“errorCode”: “KER-MSD-500”,
“message”: “KER-ACP-006 –\u003E Error Occured while getting access token from iam Code not valid; \nnested exception is org.springframework.web.client.HttpClientErrorException: 400 Bad Request”
}
]
}

This is the error we are getting in the admin service log

{“@timestamp”:“2025-01-23T09:16:33.407Z”,“level”:“ACCESS”,“level_value”:70000,“traceId”:“-”,“statusCode”:404,“req.requestURI”:“/”,“bytesSent”:431,“timeTaken”:0.018,“appName”:“admin-service”,“req.userAgent”:“Mozilla/5.0 (X11; Linux i686; rv:109.0) Gecko/20100101 Firefox/120.0”,“req.xForwardedFor”:“104.166.80.167”,“req.referer”:“-”,“req.method”:“GET”,“req.remoteHost”:“10.0.9.132”}
{“@timestamp”:“2025-01-23T09:20:11.807Z”,“@version”:“1”,“message”:“\n\n Exception : Authorization token not present > http://admin-service.atostogo.net/v1/admin/masterdata/configs\n\n",“logger_name”:“io.mosip.kernel.auth.defaultadapter.filter.AuthFilter”,“thread_name”:“http-nio-8098-exec-9”,“level”:“ERROR”,“level_value”:40000,“appName”:“admin-service”,“traceId”:“f141ed1af438a2f3”,“spanId”:“f141ed1af438a2f3”,“spanExportable”:“false”,“X-Span-Export”:“false”,“X-B3-SpanId”:“f141ed1af438a2f3”,“X-B3-TraceId”:"f141ed1af438a2f3”}
{“@timestamp”:“2025-01-23T09:20:11.809Z”,“level”:“ACCESS”,“level_value”:70000,“traceId”:“-”,“statusCode”:401,“req.requestURI”:“/v1/admin/masterdata/configs”,“bytesSent”:346,“timeTaken”:0.007,“appName”:“admin-service”,“req.userAgent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36”,“req.xForwardedFor”:“156.38.84.207”,“req.referer”:“Admin”}
{“@timestamp”:“2025-01-23T09:20:11.834Z”,“@version”:“1”,“message”:“\n\n Exception : Authorization token not present > http://admin-service.atostogo.net/v1/admin/authorize/admin/validateToken\n\n",“logger_name”:“io.mosip.kernel.auth.defaultadapter.filter.AuthFilter”,“thread_name”:“http-nio-8098-exec-12”,“level”:“ERROR”,“level_value”:40000,“appName”:“admin-service”,“traceId”:“def26c4857926830”,“spanId”:“def26c4857926830”,“spanExportable”:“false”,“X-Span-Export”:“false”,“X-B3-SpanId”:“def26c4857926830”,“X-B3-TraceId”:"def26c4857926830”}
{“@timestamp”:“2025-01-23T09:20:11.836Z”,“level”:“ACCESS”,“level_value”:70000,“traceId”:“-”,“statusCode”:401,“req.requestURI”:“/v1/admin/authorize/admin/validateToken”,“bytesSent”:346,“timeTaken”:0.005,“appName”:“admin-service”,“req.userAgent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36”,“req.xForwardedFor”:“156.38.84.207”,“req.referer”:“Admin”}
{“@timestamp”:“2025-01-23T09:20:11.946Z”,“@version”:“1”,“message”:“origin null”,“logger_name”:“io.mosip.kernel.auth.defaultadapter.filter.CorsFilter”,“thread_name”:“http-nio-8098-exec-2”,“level”:“INFO”,“level_value”:20000,“appName”:“admin-service”,“traceId”:“04e3a94d657d6a2b”,“spanId”:“04e3a94d657d6a2b”,“spanExportable”:“false”,“X-Span-Export”:“false”,“X-B3-SpanId”:“04e3a94d657d6a2b”,“X-B3-TraceId”:“04e3a94d657d6a2b”}
{“@timestamp”:“2025-01-23T09:20:11.947Z”,“@version”:“1”,“message”:“requesturl http://admin-service.atostogo.net/v1/admin/login/aHR0cHM6Ly9hZG1pbi5hdG9zdG9nby5uZXQv",“logger_name”:“io.mosip.kernel.auth.defaultadapter.filter.CorsFilter”,“thread_name”:“http-nio-8098-exec-2”,“level”:“INFO”,“level_value”:20000,“appName”:“admin-service”,“traceId”:“04e3a94d657d6a2b”,“spanId”:“04e3a94d657d6a2b”,“spanExportable”:“false”,“X-Span-Export”:“false”,“X-B3-SpanId”:“04e3a94d657d6a2b”,“X-B3-TraceId”:"04e3a94d657d6a2b”}
{“@timestamp”:“2025-01-23T09:20:11.958Z”,“level”:“ACCESS”,“level_value”:70000,“traceId”:“-”,“statusCode”:302,“req.requestURI”:“/v1/admin/login/aHR0cHM6Ly9hZG1pbi5hdG9zdG9nby5uZXQv”,“bytesSent”:-,“timeTaken”:0.013,“appName”:“admin-service”,“req.userAgent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36”,“req.xForwardedFor”:“156.38.84.207”,“req.referer”:“Admin”}
{“@timestamp”:“2025-01-23T09:20:11.981Z”,“@version”:“1”,“message”:“origin null”,“logger_name”:“io.mosip.kernel.auth.defaultadapter.filter.CorsFilter”,“thread_name”:“http-nio-8098-exec-11”,“level”:“INFO”,“level_value”:20000,“appName”:“admin-service”,“traceId”:“539c05bf37621709”,“spanId”:“539c05bf37621709”,“spanExportable”:“false”,“X-Span-Export”:“false”,“X-B3-SpanId”:“539c05bf37621709”,“X-B3-TraceId”:“539c05bf37621709”}
{“@timestamp”:“2025-01-23T09:20:11.981Z”,“@version”:“1”,“message”:“requesturl http://admin-service.atostogo.net/v1/admin/login/aHR0cHM6Ly9hZG1pbi5hdG9zdG9nby5uZXQv",“logger_name”:“io.mosip.kernel.auth.defaultadapter.filter.CorsFilter”,“thread_name”:“http-nio-8098-exec-11”,“level”:“INFO”,“level_value”:20000,“appName”:“admin-service”,“traceId”:“539c05bf37621709”,“spanId”:“539c05bf37621709”,“spanExportable”:“false”,“X-Span-Export”:“false”,“X-B3-SpanId”:“539c05bf37621709”,“X-B3-TraceId”:"539c05bf37621709”}
{“@timestamp”:“2025-01-23T09:20:11.993Z”,“level”:“ACCESS”,“level_value”:70000,“traceId”:“-”,“statusCode”:302,“req.requestURI”:“/v1/admin/login/aHR0cHM6Ly9hZG1pbi5hdG9zdG9nby5uZXQv”,“bytesSent”:-,“timeTaken”:0.014,“appName”:“admin-service”,“req.userAgent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36”,“req.xForwardedFor”:“156.38.84.207”,“req.referer”:“Admin”}
{“@timestamp”:“2025-01-23T09:20:29.097Z”,“@version”:“1”,“message”:“origin null”,“logger_name”:“io.mosip.kernel.auth.defaultadapter.filter.CorsFilter”,“thread_name”:“http-nio-8098-exec-1”,“level”:“INFO”,“level_value”:20000,“appName”:“admin-service”,“traceId”:“fb846f9d0da5bb68”,“spanId”:“fb846f9d0da5bb68”,“spanExportable”:“false”,“X-Span-Export”:“false”,“X-B3-SpanId”:“fb846f9d0da5bb68”,“X-B3-TraceId”:“fb846f9d0da5bb68”}
{“@timestamp”:“2025-01-23T09:20:29.098Z”,“@version”:“1”,“message”:“requesturl http://admin-service.atostogo.net/v1/admin/login-redirect/aHR0cHM6Ly9hZG1pbi5hdG9zdG9nby5uZXQv",“logger_name”:“io.mosip.kernel.auth.defaultadapter.filter.CorsFilter”,“thread_name”:“http-nio-8098-exec-1”,“level”:“INFO”,“level_value”:20000,“appName”:“admin-service”,“traceId”:“fb846f9d0da5bb68”,“spanId”:“fb846f9d0da5bb68”,“spanExportable”:“false”,“X-Span-Export”:“false”,“X-B3-SpanId”:“fb846f9d0da5bb68”,“X-B3-TraceId”:"fb846f9d0da5bb68”}
{“@timestamp”:“2025-01-23T09:20:29.129Z”,“level”:“ACCESS”,“level_value”:70000,“traceId”:“-”,“statusCode”:500,“req.requestURI”:“/v1/admin/login-redirect/aHR0cHM6Ly9hZG1pbi5hdG9zdG9nby5uZXQv”,“bytesSent”:328,“timeTaken”:0.033,“appName”:“admin-service”,“req.userAgent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36”,“req.xForwardedFor”:“156.38.84.207”,“req.referer”:“-”,“req.method”:“GET”,“req.remoteHost”:“10.0.9.132”}

Looking to hear from you soon

2

Hi @kishan_singh91 ,

Thank you for reaching out. We are currently looking into this issue and will get back to you shortly.

Best Regards,
Team MOSIP

3

Thanks, I’m waiting for you

4

Hello

Can I have an update about the setup, please?

5

Hi @kishan_singh91 ,

Based on the logs and information you provided, it appears there may be an issue with Keycloak and the auth manager.

  1. Have you restarted the auth manager after setting up Keycloak? If not, please do so, as it could resolve the token fetching issue.

  2. If you have already restarted the auth manager, check if you are able to obtain a token from the auth manager service. Validate the token as well; if the token is generating correctly and validation is successful, the admin portal should function. If it still does not work, there might be a problem with your Keycloak setup.

Regards,
Team MOSIP