OIDC Login Error: "Your credentials aren't allowed" with Keycloak 12.0.4. Loop during OIDC integration between AXY and Keyclaock

Fabiano_Junior_Alves · February 12, 2026, 4:24pm

I am experiencing a redirect loop during OIDC integration between AWX and Keycloak v12.0.4. The user is redirected to Keycloak, authenticates successfully, but upon returning to AWX, the session is not established, and the system redirects to /sso/error/.

AWX Logs (awx-web): At the moment of the callback from Keycloak, the AWX log records the following error:

2026-02-12 13:20:57,850 ERROR [b9206eb3291b4eebb4725e747e810dcc] social Your credentials aren't allowed.

Immediately after, the redirect to the error page occurs:

GET /sso/complete/oidc/ ... (HTTP/1.1 302)
GET /sso/error/ => (HTTP/1.1 301)

Current Keycloak Client Configuration (awx-oidc):

Client ID: awx-oidc
Protocol: openid-connect
Access Type: confidential (client-secret)
Key Mappers Configured:
- groups: Maps Group Membership to claim groups .
- username: Maps user property username to claim sub .
- user_permanet_id: Maps user attribute uid to claim uid .
- roles: Maps client roles for awx-oidc to claim roles .
- email/first_name/last_name: Standard property mappers.

Topic		Replies	Views
AWX / SAML / OKTA ? AWX Project awx	2	29	November 19, 2019
Use GitLab as OIDC provider AWX Project awx	3	150	August 2, 2023
SAML Problem AWX Project awx	2	180	June 2, 2022
Authenticate User with Keycloak Access Token to use the Rest API Get Help awx	4	1043	November 13, 2023
Okta SAML setup with AWX 9.0.1 AWX Project awx	2	27	February 11, 2020

OIDC Login Error: "Your credentials aren't allowed" with Keycloak 12.0.4. Loop during OIDC integration between AXY and Keyclaock

Related topics