I have the a use case where I need to integrate two different service using a fanout ingress (different path). I decide to do so because both services is actually related so I don't want to separate the domain. Another reason is I don't want to use another ingress. However, this problem arises, I understand that once I activate Google IAP, a new clientId and secretId will be created. And the redirect javascript url should be a domain (doesn't include any path or in it's wildcard form).
I'm tring to access https://{my-domain}/{some-path}. It turns out I got the following error.
- That’s an error.
Error: redirect_uri_mismatch
The redirect URI in the request, https://{my-domain}/_gcp_gatekeeper/authenticate, does not match the ones authorized for the OAuth client. To update the authorized redirect URIs, visit: https://console.developers.google.com/apis/credentials/oauthclient/
This is my ingress config:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.allow-http: "false"
kubernetes.io/ingress.global-static-ip-name: <some-static-ip>
name: <name>
namespace: <namespace>
spec:
backend:
serviceName: <service-1>
servicePort: <port-of-service-1>
rules:
- http:
paths:
- backend:
serviceName: <service-2>
servicePort: <port-of-service-2>
path: /<some-path>/*
tls:
- secretName: <secret-name>
However when I tried to access my 1st service it just fine and works as expected.
Just wondering if it's possible to create IAP for two different backend services using the same ingress. I don't manage to find more about this tho. Thanks!
Best,
