From 6f71d32847af8efbd2bc6ecdb0c3edea15742733 Mon Sep 17 00:00:00 2001
From: Annie Ku <kuannie1@users.noreply.github.com>
Date: Mon, 13 Jan 2025 10:29:08 -0800
Subject: [PATCH] fix: if one oidc verifier is failing, do not let the whole
 API fail (#3769)

---
 api/pkg/request/auth.go | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/api/pkg/request/auth.go b/api/pkg/request/auth.go
index f98152fff..20db7a66c 100644
--- a/api/pkg/request/auth.go
+++ b/api/pkg/request/auth.go
@@ -214,12 +214,15 @@ func MakeVerifierFromConfig(ctx context.Context, cfg *setup.Configuration) OIDCV
 	for _, provider := range cfg.Auth.Providers {
 		verifier, err := MakeOIDCProvider(ctx, provider.IssuerURL, provider.ClientID, DefaultClaimsVerifier)
 		if err != nil {
-			logrus.Errorf("failed to create OIDC verifier with error: %s", err.Error())
+			logrus.Warnf("failed to create OIDC verifier with Issuer URL %s and clientID %s with error: %s", provider.IssuerURL, provider.ClientID, err.Error())
 			continue
 		}
 		verifiers = append(verifiers, verifier)
 	}
-
+	if len(verifiers) == 1 {
+		logrus.Error("only one OIDC verifier configured.")
+	}
+	logrus.Infof("%d OIDC verifiers configured", len(verifiers))
 	return MakeMultiOIDCVerifier(verifiers...)
 }