Argo Workflow SSO not working with Azure Active Directory B2C

We are trying to integrate Argo Workflow SSO with Azure Active Directory B2C, but it is not working, though we are able to integrate it with Keycloak perfectly.

With Keycloak, our argo-workflow configmap (workflow-controller-configmap) looks like the one below, which is working perfectly fine.

kubectl get cm workflow-controller-configmap -n argo -o yaml


apiVersion: v1
kind: ConfigMap
data:
  ...
  sso: |
    issuer: https://<keycloak-base-url>/auth/realms/<realm-name>
    clientId:
      name: argo-sso
      key: clientID
    clientSecret:
      name: argo-sso
      key: clientSecret
    redirectUrl: https://<argo-base-url>/oauth2/callback

But if I try to modify the same with an Azure Active Directory B2C URL like below, it is not working:

sso: |
    issuer: https://<b2c-domain>.b2clogin.com/<azure-ad-b2c-tenant-id>/v2.0/
    clientId:
      name: argo-sso
      key: clientID
    clientSecret:
      name: argo-sso
      key: clientSecret
    redirectUrl: https://<argo-base-url>/oauth2/callback

We are following the documentation below as a reference (search for SSO): https://argoproj.github.io/argo-workflows/workflow-controller-configmap.yaml

We also checked with the Microsoft team, and on the Azure B2C side we are able to run sample user flows (https://jwt.ms/) and verify the authentication token as well. So our understanding is that the Azure B2C configuration looks good, but somehow the "Argo Workflow Integration with Azure B2C" is not working.

Can anyone please help? It is a blocker for us.
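
A check that applies to any `issuer` value placed in the `sso` block, as an added example that is not part of the original post: OpenID Connect Discovery 1.0 requires the `issuer` in the provider's metadata document to be identical, trailing slash included, to the issuer URL used to retrieve it. The host `idp.example.test` and the sample document are constructed, and it is an assumption that the client performs standard discovery from the configured issuer.

```python
import json
from urllib.parse import urlsplit
from urllib.request import urlopen

# Metadata fields an authorization-code client needs from the discovery document.
REQUIRED_ENDPOINTS = ("authorization_endpoint", "token_endpoint", "jwks_uri")

def discovery_url(issuer):
    # OIDC Discovery 1.0, section 4.1: drop a terminating "/" before
    # appending the well-known path.
    return issuer.rstrip("/") + "/.well-known/openid-configuration"

def check_discovery(configured_issuer, doc):
    """Return a list of problems; an empty list means the document is consistent."""
    problems = []
    if urlsplit(configured_issuer).scheme != "https":
        problems.append("configured issuer is not an https URL")
    advertised = doc.get("issuer")
    # Section 4.3: the comparison is an exact string match, so a missing or
    # extra trailing slash, or a different path segment, is a mismatch.
    if advertised != configured_issuer:
        problems.append(
            f"issuer mismatch: configured {configured_issuer!r}, advertised {advertised!r}"
        )
    for key in REQUIRED_ENDPOINTS:
        if not str(doc.get(key, "")).startswith("https://"):
            problems.append(f"{key} missing or not https")
    return problems

def fetch_discovery(issuer, timeout=10):
    # Live lookup for use against a real provider; not called by the sample run.
    with urlopen(discovery_url(issuer), timeout=timeout) as resp:
        return json.load(resp)

# Constructed sample metadata document (not taken from any real tenant).
SAMPLE_DOC = {
    "issuer": "https://idp.example.test/tenant-guid/v2.0/",
    "authorization_endpoint": "https://idp.example.test/tenant-guid/oauth2/v2.0/authorize",
    "token_endpoint": "https://idp.example.test/tenant-guid/oauth2/v2.0/token",
    "jwks_uri": "https://idp.example.test/tenant-guid/discovery/v2.0/keys",
}

if __name__ == "__main__":
    for candidate in ("https://idp.example.test/tenant-guid/v2.0/",
                      "https://idp.example.test/tenant-guid/v2.0"):
        print(candidate, "->", check_discovery(candidate, SAMPLE_DOC) or "OK")
```

Against a real provider, pass the result of `fetch_discovery(issuer)` as `doc` and compare the output for the exact string stored under `issuer` in the ConfigMap.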



Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow
