Keycloak 9 - Login fails with code to token exchange error unless login using incognito mode

hongthang152 · April 6, 2021, 6:57pm

Hello everyone,

I have a Keycloak deployment running in a Kubernetes cluster with 2 pods in HA mode. Everything was working fine until one day we had one user that couldn’t login because of CODE_TO_TOKEN_ERROR. We tried everything from restarting the pods to clearing the browser cache, but nothing worked until we tried login to Keycloak using incognito mode. Magically, after we did that, all subsequent logins started to work normally (including non-incognito mode).

We know that the issue is gone, but we really want to know why it happened. It seems like Keycloak had some blocking data that prevented the authentication from happening, and the browser incognito mode freed that data.

Any input from the community on this case would be very appreciated. Thank you

jangaraj · April 6, 2021, 8:56pm

I would say Keycloak logs are your good friend. Filter errors, backtraces,… That error has very likely also description with more details. Blind guess: problem with infinispan cache/cluster. It looks like also you have a sticky session on the LB.

Topic		Replies	Views
Keycloak operator created cluster not working with mutliple keycloak pods Getting advice authentication	0	1090	June 7, 2021
Keycloak oidc authentication issue on K8s having replica of application server Getting advice authentication , oidc	1	212	November 20, 2023
Keycloak Cookies Issue in Chrome Incognito Mode	7	7468	March 29, 2023
Keycloak initial token error	0	26	April 23, 2024
I am not able to access keycloak cookies even being on same parent domain in incognito mode Configuring the server	2	160	March 13, 2024

Keycloak 9 - Login fails with code to token exchange error unless login using incognito mode

Related Topics