Skip to content

Auth Service Operations

Auth Service health depends on database connectivity, identity-provider configuration, key-management access, and correct platform secrets.

Use Kubernetes readiness and liveness state as the primary operational signal. If readiness fails, inspect logs for database, IDP discovery, token issuer, or key-management errors.

Common causes include issuer mismatch, invalid client credentials, missing redirect URIs, missing management API permissions, and disabled user-management settings.

API key failures usually indicate revocation, expiration, missing scopes, IP restriction mismatches, or use against a route that does not allow API-key authentication.

Worker token failures usually indicate missing service-account credentials, failed bootstrap, mismatched API secrets, or missing DID key reconciliation. For Auth0 and Entra, confirm the worker client ID and secret are set. For Keycloak, confirm either the worker client secret is set or Auth Service has permission to provision the client during bootstrap.