If you have not read the Azure AD docs at our launchpad-docs repo, please read that before reading this article.
Below are some common sources of errors with the files used in setting up the Azure AD integration with Stardog Launchpad.
jwt.yaml
- Including the
signerkey- Our OAuth documentation includes a
signerkey, but you do not need it when using Azure AD with Launchpad.
- Our OAuth documentation includes a
keyUrlnot being resolvable- Ensure the
jwks.jsonfile that yourkeyUrlpoints to is resolvable by Stardog. If it is not resolvable, your stardog.log file will contain the error messageFailed verify the JWT: Failed to get key with kid [key ID].- This message will only show up if you have the following entry in your
log4j2.xmlfile, which can be found in your STARDOG_HOME directory:<Logger name="com.complexible.stardog.security.token" level="DEBUG" additivity="false"> <AppenderRef ref="stardogAppened"/> </Logger>
If you see this error message, try putting your
jwks.jsonfile directly in your STARDOG_HOME directory. Then edit yourjwt.yamlfile such that thekeyUrlentry is as follows:keyUrl: file:///path/to/stardog_home/jwks.json
Note this method is insecure and is not intended for production.
If you're using Kubernetes, you'll edit your
values.yamlfile instead of yourjwt.yamlfile. You can see an example of which line to edit in our helm charts here.
- This message will only show up if you have the following entry in your
- Ensure the
.env
- Ensure the certificate bundle that
STARDOG_SERVER_CERT_PATHpoints to has the Stardog server's certificate and all of the certificates in the chain to the root certificate.- read more about
STARDOG_SERVER_CERT_PATHhere
- read more about
- Ensure
/jwk(the value ofJWK_LOCATION) is properly mounted on your Docker container.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article