There is a problem with the Authentik agent, where there is no way to trigger a re-auth without doing a re-setup. This can lead to odd problems when the agent starts. This was captured after I logged into my laptop. It's connected to ak-sysd and ak-agent. The agent didn't start with my laptop because I wasn't connected to the network at the time. Manually starting the agent results in this recurrently until the process is CTRL+C'ed
WARN[0026] Failed to renew token error="invalid response status code: {\"error\": \"invalid_grant\", \"error_description\": \"The provided authorization grant or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client\", \"request_id\": \"bc4962ba3b234706ad12f10ab9300666\"}" logger=token.manager pid=12088 profile=default target=ak-agent
DEBU[0026] Token is expired and needs to be renewed logger=token.manager pid=12088 profile=default target=ak-agent
DEBU[0026] sending request logger=token.manager pid=12088 profile=default target=ak-agent url="https://authentik/application/o/token/"
WARN[0026] Failed to renew token error="invalid response status code: {\"error\": \"invalid_grant\", \"error_description\": \"The provided authorization grant or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client\", \"request_id\": \"27712b32e72e452c8177fea5123db7da\"}" logger=token.manager pid=12088 profile=default target=ak-agent
DEBU[0026] Token is expired and needs to be renewed logger=token.manager pid=12088 profile=default target=ak-agent
DEBU[0026] sending request logger=token.manager pid=12088 profile=default target=ak-agent url="https://authentik/application/o/token/"
WARN[0027] Failed to renew token error="invalid response status code: {\"error\": \"invalid_grant\", \"error_description\": \"The provided authorization grant or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client\", \"request_id\": \"169d0abb269d453fbe59dade04654997\"}" logger=token.manager pid=12088 profile=default target=ak-agent
DEBU[0027] Token is expired and needs to be renewed logger=token.manager pid=12088 profile=default target=ak-agent
DEBU[0027] sending request logger=token.manager pid=12088 profile=default target=ak-agent url="https://authentik/application/o/token/"
WARN[0027] Failed to renew token error="invalid response status code: {\"error\": \"invalid_grant\", \"error_description\": \"The provided authorization grant or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client\", \"request_id\": \"5d3ad0ab91ed4d72bca4eabb47d369a3\"}" logger=token.manager pid=12088 profile=default target=ak-agent
DEBU[0027] Token is expired and needs to be renewed logger=token.manager pid=12088 profile=default target=ak-agent
DEBU[0027] sending request logger=token.manager pid=12088 profile=default target=ak-agent url="https://authentik/application/o/token/"
^CINFO[0027] Shutting down...
INFO[0027] Removing lock file lock=/home/<user>/.config/authentik/agent.lock logger=agent pid=12088 target=ak-agent
It would be nice for the agent to prompt for re-auth rather than displaying this for ages. Especially if clicking on the agent icon in the tray could trigger the re-auth process to the previously configured URL, that would be a much better user experience.
I am currently running ak-agent version 0.40.2-f9c6ccee installed from the repository I believe.
There is a problem with the Authentik agent, where there is no way to trigger a re-auth without doing a re-setup. This can lead to odd problems when the agent starts. This was captured after I logged into my laptop. It's connected to ak-sysd and ak-agent. The agent didn't start with my laptop because I wasn't connected to the network at the time. Manually starting the agent results in this recurrently until the process is CTRL+C'ed
It would be nice for the agent to prompt for re-auth rather than displaying this for ages. Especially if clicking on the agent icon in the tray could trigger the re-auth process to the previously configured URL, that would be a much better user experience.
I am currently running ak-agent version 0.40.2-f9c6ccee installed from the repository I believe.