Troubleshoot user login issues
Stay organized with collections
Save and categorize content based on your preferences.
This document provides troubleshooting guidance for FQDN user login issues
from third-party identity providers to fleet member clusters.
Client can't reach the authentication service
This issue occurs in one of the following cases:
You're using a version that doesn't support this user login method.
The control plane VIP doesn't route the traffic to the correct component.
Error message
Error: could not start login. Please check if cluster supports server side authentication. Details: failed to ping well-known endpoint: Get "https://cluster-url:XXXXX/.well-known/configuration": dial tcp XXX:XXXXX: connect: connection refused
ERROR: Configuring Anthos authentication failed
Solution
To resolve this issue, verify that you're using a version of
1.28 or higher and the version of the control plane that supports authentication
using FQDN access.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-12-05 UTC."],[],[]]
