Problem: HTTP 401/502 when creating or restoring a project respectively

[chkpwd]

I'm not sure this issue is solved. On the latest release (v2.14.7), I have created a container with the necessary elements:

    env:
      SEMAPHORE_DB_DIALECT: bolt
      SEMAPHORE_ADMIN: foo
      SEMAPHORE_ADMIN_NAME: foo 
      SEMAPHORE_ADMIN_PASSWORD:  bar

semaphore_oidc_config:
  oidc_providers:
    authentik:
      display_name: "Sign in with SSO"
      provider_url: "https://authentik.chkpwd.com/application/o/semaphore-ui/"
      client_id: foo
      client_secret: bar
      redirect_url: "https://semaphore.chkpwd.com/api/auth/oidc/authentik/redirect"
      scopes:
        - "email"
        - "openid"
        - "profile"
      username_claim: "username" # user is foo
      name_claim: "name" # John Doe
      email_claim: "email" # [email protected]

The important the bit that's displayed in the logs is the same error as before:

time="2025-05-03T16:30:07-04:00" level=warning msg="m0niuwye53ntewyr is not permitted to edit users"

Full logs:

Generating setup file  ...
Executing semaphore setup

Hello! You will now be guided through a setup to:

1. Set up configuration for a MySQL/MariaDB database
2. Set up a path for your playbooks (auto-created)
3. Run database Migrations
4. Set up initial semaphore user & password

What database to use:
   1 - MySQL
   2 - BoltDB
   3 - PostgreSQL
 (default 1): 
db filename (default /home/semaphore/database.boltdb): 
Playbook path (default /tmp/semaphore): 
Public URL (optional, example: https://example.com/semaphore): 
Enable email alerts? (yes/no) (default no): 
Enable telegram alerts? (yes/no) (default no): 
Enable slack alerts? (yes/no) (default no): 
Enable Rocket.Chat alerts? (yes/no) (default no): 
Enable Microsoft Team Channel alerts? (yes/no) (default no): 
Enable LDAP authentication? (yes/no) (default no): 
Config output directory (default /home/semaphore): 
Running: mkdir -p /etc/semaphore..
Configuration written to /etc/semaphore/config.json..
Loading config
Validating config
 Pinging db..
Running db Migrations..
Executing migration v0.0.0 (at 2025-05-03 20:23:22.770444604 +0000 UTC)...
Executing migration v1.0.0 (at 2025-05-03 20:23:22.782400224 +0000 UTC)...
Executing migration v1.2.0 (at 2025-05-03 20:23:22.786552959 +0000 UTC)...
Executing migration v1.3.0 (at 2025-05-03 20:23:22.790493457 +0000 UTC)...
Executing migration v1.4.0 (at 2025-05-03 20:23:22.794648341 +0000 UTC)...
Executing migration v1.5.0 (at 2025-05-03 20:23:22.799235072 +0000 UTC)...
Executing migration v1.6.0 (at 2025-05-03 20:23:22.803540714 +0000 UTC)...
Executing migration v1.7.0 (at 2025-05-03 20:23:22.807983873 +0000 UTC)...
Executing migration v1.8.0 (at 2025-05-03 20:23:22.812069479 +0000 UTC)...
Executing migration v1.9.0 (at 2025-05-03 20:23:22.816096254 +0000 UTC)...
Executing migration v2.2.1 (at 2025-05-03 20:23:22.821097925 +0000 UTC)...
Executing migration v2.3.0 (at 2025-05-03 20:23:22.825144477 +0000 UTC)...
Executing migration v2.3.1 (at 2025-05-03 20:23:22.830220907 +0000 UTC)...
Executing migration v2.3.2 (at 2025-05-03 20:23:22.834383161 +0000 UTC)...
Executing migration v2.4.0 (at 2025-05-03 20:23:22.841998344 +0000 UTC)...
Executing migration v2.5.0 (at 2025-05-03 20:23:22.852423072 +0000 UTC)...
Executing migration v2.5.2 (at 2025-05-03 20:23:22.857044655 +0000 UTC)...
Executing migration v2.7.1 (at 2025-05-03 20:23:22.861694145 +0000 UTC)...
Executing migration v2.7.4 (at 2025-05-03 20:23:22.866097008 +0000 UTC)...
Executing migration v2.7.6 (at 2025-05-03 20:23:22.871261307 +0000 UTC)...
Executing migration v2.7.8 (at 2025-05-03 20:23:22.875766743 +0000 UTC)...
Executing migration v2.7.9 (at 2025-05-03 20:23:22.880382715 +0000 UTC)...
Executing migration v2.7.10 (at 2025-05-03 20:23:22.884244621 +0000 UTC)...
Executing migration v2.7.12 (at 2025-05-03 20:23:22.888730742 +0000 UTC)...
Executing migration v2.7.13 (at 2025-05-03 20:23:22.893003236 +0000 UTC)...
Executing migration v2.8.0 (at 2025-05-03 20:23:22.897794391 +0000 UTC)...
Executing migration v2.8.1 (at 2025-05-03 20:23:22.902473436 +0000 UTC)...
Executing migration v2.8.7 (at 2025-05-03 20:23:22.90746746 +0000 UTC)...
Executing migration v2.8.8 (at 2025-05-03 20:23:22.913563287 +0000 UTC)...
Executing migration v2.8.20 (at 2025-05-03 20:23:22.91837172 +0000 UTC)...
Executing migration v2.8.25 (at 2025-05-03 20:23:22.923858683 +0000 UTC)...
Executing migration v2.8.26 (at 2025-05-03 20:23:22.928484896 +0000 UTC)...
Executing migration v2.8.36 (at 2025-05-03 20:23:22.93428917 +0000 UTC)...
Executing migration v2.8.38 (at 2025-05-03 20:23:22.938579627 +0000 UTC)...
Executing migration v2.8.39 (at 2025-05-03 20:23:22.943450485 +0000 UTC)...
Executing migration v2.8.40 (at 2025-05-03 20:23:22.947938162 +0000 UTC)...
Executing migration v2.8.42 (at 2025-05-03 20:23:22.954173655 +0000 UTC)...
Executing migration v2.8.51 (at 2025-05-03 20:23:22.959464786 +0000 UTC)...
Executing migration v2.8.57 (at 2025-05-03 20:23:22.963173897 +0000 UTC)...
Executing migration v2.8.58 (at 2025-05-03 20:23:22.967812869 +0000 UTC)...
Executing migration v2.8.91 (at 2025-05-03 20:23:22.973458478 +0000 UTC)...
Executing migration v2.9.6 (at 2025-05-03 20:23:22.978041154 +0000 UTC)...
Executing migration v2.9.46 (at 2025-05-03 20:23:22.98252135 +0000 UTC)...
Executing migration v2.9.60 (at 2025-05-03 20:23:22.986191461 +0000 UTC)...
Executing migration v2.9.61 (at 2025-05-03 20:23:22.990507343 +0000 UTC)...
Executing migration v2.9.62 (at 2025-05-03 20:23:22.994375878 +0000 UTC)...
Executing migration v2.9.70 (at 2025-05-03 20:23:22.997832084 +0000 UTC)...
Executing migration v2.9.97 (at 2025-05-03 20:23:23.001660842 +0000 UTC)...
Executing migration v2.9.100 (at 2025-05-03 20:23:23.006086612 +0000 UTC)...
Executing migration v2.10.12 (at 2025-05-03 20:23:23.009298653 +0000 UTC)...
Executing migration v2.10.15 (at 2025-05-03 20:23:23.012146013 +0000 UTC)...
Executing migration v2.10.16 (at 2025-05-03 20:23:23.015037225 +0000 UTC)...
Executing migration v2.10.24 (at 2025-05-03 20:23:23.01773942 +0000 UTC)...
Executing migration v2.10.26 (at 2025-05-03 20:23:23.020681631 +0000 UTC)...
Executing migration v2.10.28 (at 2025-05-03 20:23:23.023882543 +0000 UTC)...
Executing migration v2.10.33 (at 2025-05-03 20:23:23.031003638 +0000 UTC)...
Executing migration v2.10.46 (at 2025-05-03 20:23:23.037417202 +0000 UTC)...
Executing migration v2.11.5 (at 2025-05-03 20:23:23.041022425 +0000 UTC)...
Executing migration v2.12.0 (at 2025-05-03 20:23:23.044955311 +0000 UTC)...
Executing migration v2.12.3 (at 2025-05-03 20:23:23.048785328 +0000 UTC)...
Executing migration v2.12.4 (at 2025-05-03 20:23:23.052719159 +0000 UTC)...
Executing migration v2.12.5 (at 2025-05-03 20:23:23.056368029 +0000 UTC)...
Executing migration v2.12.15 (at 2025-05-03 20:23:23.059862272 +0000 UTC)...
Executing migration v2.13.0 (at 2025-05-03 20:23:23.062906611 +0000 UTC)...
Executing migration v2.14.0 (at 2025-05-03 20:23:23.066473983 +0000 UTC)...
Executing migration v2.14.1 (at 2025-05-03 20:23:23.069700413 +0000 UTC)...
Executing migration v2.14.5 (at 2025-05-03 20:23:23.072479089 +0000 UTC)...
Executing migration v2.14.7 (at 2025-05-03 20:23:23.075360467 +0000 UTC)...
Migrations Finished


time="2025-05-03T16:23:23-04:00" level=warning msg="no rows in result set" fields.level=Warn
 > Username:  > Email:  > Your name:  > Password: 
 You are all setup chkpwd!
 Re-launch this program pointing to the configuration file

./semaphore server --config /etc/semaphore/config.json

 To run as daemon:

nohup ./semaphore server --config /etc/semaphore/config.json &

 You can login with admin@localhost or chkpwd.
No additional python dependencies to install
Starting semaphore server
Loading config
Validating config
BoltDB /var/lib/semaphore/database.boltdb
Tmp Path (projects home) /tmp/semaphore
Semaphore v2.14.7-f77a5a0-1746171973
Interface 
Port :3000
Server is running
No additional python dependencies to install
Starting semaphore server
Loading config
Validating config
BoltDB /var/lib/semaphore/database.boltdb
Tmp Path (projects home) /tmp/semaphore
Semaphore v2.14.7-f77a5a0-1746171973
Interface 
Port :3000
Server is running
time="2025-05-03T16:30:07-04:00" level=warning msg="m0niuwye53ntewyr is not permitted to edit users"

This is the POST request sent to the backend:

POST:
  scheme: https
  host: semaphore.chkpwd.com
  filename: /api/projects

name: test

Originally posted by @chkpwd in #2663

[chkpwd]

I apologize, I meant to include the generated config.json:

{
    "access_key_encryption": "<redacted>",
    "bolt": {
        "host": "/var/lib/semaphore/database.boltdb"
    },
    "cookie_encryption": "<redacted>",
    "cookie_hash": "<redacted>",
    "dialect": "bolt",
    "oidc_providers": {
        "authentik": {
            "client_id": "semaphore",
            "client_secret": "<redacted>",
            "display_name": "Sign in with SSO",
            "email_claim": "email",
            "name_claim": "name",
            "provider_url": "https://authentik.chkpwd.com/application/o/semaphore-ui/",
            "redirect_url": "https://semaphore.chkpwd.com/api/auth/oidc/authentik/redirect",
            "scopes": [
                "email",
                "openid",
                "profile"
            ],
            "username_claim": "username"
        }
    },
    "tmp_path": "/tmp/semaphore",
    "web_host": "https://semaphore.chkpwd.com"
}