# I'm getting the below error message when trying to log in with SSO authentication for Azure login.
did you create users in the catalog?
Yes, I have added the users in catalog-info.yaml file for kind: User
Metadata:
which signin resolver are you using?
```yaml
signIn:
  resolvers:
    # See https://backstage.io/docs/auth/microsoft/provider#resolvers for more resolvers
    - resolver: userIdMatchingUserEntityAnnotation
```
I have updated custom build sign in resolver. Now getting different error.
Login failed; caused by Error: The Azure Active Directory provider is not configured to support sign-in
This is my configuration file
index.ts
Hello,
I tried to use built-in resolvers like usernameMatchingUserEntityName, emailMatchingUserEntityProfileEmail, emailLocalPartMatchingUserEntityName for my new Keycloak provider, but those are never found/working. Any idea why? https://backstage.io/docs/auth/identity-resolver/
After I removed those, the app is working, but I don't know how to get those resolvers.
can someone help to resolve the below error
Login failed; caused by Error: The Azure Active Directory provider is not configured to support sign-in
```yaml
signIn:
  resolvers:
    # See https://backstage.io/docs/auth/microsoft/provider#resolvers for more resolvers
    - resolver: userIdMatchingUserEntityAnnotation
```
experimentalExtraAllowedOrigins:
Hi. Here is an example of how we have configured ours.
app-config.yaml
```yaml
auth:
  environment: production
  providers:
    guest: null
    microsoft:
      production:
        clientId: ${AZURE_CLIENT_ID}
        clientSecret: ${AZURE_CLIENT_SECRET}
        tenantId: ${AZURE_TENANT_ID}
        domainHint: "yourdomain.com"
        signIn:
          resolvers:
            - resolver: emailMatchingUserEntityAnnotation
catalog:
  providers:
    microsoftGraphOrg:
      default:
        tenantId: ${AZURE_TENANT_ID}
        clientId: ${AZURE_CLIENT_ID}
        clientSecret: ${AZURE_CLIENT_SECRET}
        userGroupMember:
          filter: "displayName eq 'All AD Accounts'"
        group:
          filter: "..."
        schedule:
          frequency: PT6H
          timeout: PT50M
```
App.tsx
```tsx
import { configApiRef, microsoftAuthApiRef, useApi } from '@backstage/core-plugin-api';

const app = createApp({
  apis,
  components: {
    SignInPage: props => (
      <SignInPage
        {...props}
        auto
        providers={[
          useApi(configApiRef).getString('auth.environment') === 'development'
            ? 'guest'
            : {
                id: 'microsoft-auth-provider',
                title: 'Your Corp',
                message: 'Sign in using your Corporate credentials',
                apiRef: microsoftAuthApiRef,
              },
        ]}
      />
    ),
  },
  ...
});
...
export default app.createRoot(
  <>
    <AlertDisplay />
    <OAuthRequestDialog /> {/* <== important */}
    <AppRouter>
      <Root>{routes}</Root>
    </AppRouter>
  </>,
);
```
I have updated the configuration as mentioned. Now getting the below error.
Login failed; caused by Error: Failed to sign-in, unable to resolve user identity. Please verify that your catalog contains the expected User entities that would match your configured sign-in resolver.
- resolver: emailMatchingUserEntityAnnotation
userEntity: "user:default/{{user.email}}"
redirectUrl: https://devcatalog.idp.com/api/auth/microsoft/handler/frame
signIn:
resolvers:
# See https://backstage.io/docs/auth/microsoft/provider#resolvers for more resolvers
- resolver: usernameMatchingUserEntityName
userEntity: "user:default/{{user.email}}"
```yaml
apiVersion: backstage.io/v1alpha1
kind: Component
metadata:
  name: backstg
  description: An example of a Backstage application.
  # Example for optional annotations
  annotations:
    github.com/project-slug: backstage/backstage
    backstage.io/techdocs-ref: dir:.
spec:
  type: website
  owner: distribution-devsecopsteam@idp.com
  lifecycle: dev
  system: backstage
  repository: https://github.com/backstage/backstage.git
```

```yaml
apiVersion: backstage.io/v1alpha1
kind: User
metadata:
  name: saravanan.rg
  annotations:
    microsoft.com/email: "saravanan.rg@idp.com"
spec:
  profile:
    displayName: "Saravanan RG"
    email: "saravanan.rg@idp.com"
  memberOf: []
```
There seems to be an error in the config. Your logs say:
...Caused by the following schema error, Error: Config validation failed, Config must be array { type=array } Are you sure your config is valid? Looks like you don't have an array of resolvers.
Secondly, the metadata.name of your User should be saravanan.rg_idp.com not saravanan.rg@idp.com
I changed metadata.name as suggested.
But still facing the issue
auth', 'permission', 'search', 'kubernetes', 'catalog' type=initialization
2025-01-24T16:25:00.677Z techdocs info Creating Local publisher for TechDocs
2025-01-24T16:25:00.806Z app info Storing 294 updated assets and 0 new assets
2025-01-24T16:25:00.850Z auth info Configuring "database" as KeyStore provider
2025-01-24T16:25:00.894Z auth info Configuring auth provider: microsoft
2025-01-24T16:25:00.898Z auth info Configuring auth provider: guest
I see the configuring auth is looking good at backend logging
for the microsoft auth
Login failed; caused by Error: Failed to sign-in, unable to resolve user identity. Please verify that your catalog contains the expected User entities that would match your configured sign-in resolve
this is the latest error now.
Had the same. I added all possible resolvers, then bahm, I could log in.
I'm getting new error after the auth configuration setup done.