Emergency access and troubleshooting

Emergency access to the Airlock Gateway Configuration Center

When access management and identity provisioning with URL parameter is configured, direct access to the local Authentication Center login page is still possible for local Gateway users. This might be used in fallback and emergency situations e.g. in the case Airlock IAM is down.

  • 1.
    Use the URL /auth/login of Airlock Gateway, in a browser https://gw.example.com/auth/login.
  • The login page of the Airlock Gateway Configuration Center appears.
  • 2.
    Use a local user e.g. with the role airlock-admin to log in.
  • Access to the Configuration Center is granted.

Note that after failing login attempt or after pressing the Airlock Gateway Configuration Center logout button, the request will be redirected to the Airlock IAM loginpage.
You will have to re-enter the URL /auth/login to log in again.

Troubleshooting

  • If Airlock Gateway returns the error page Sorry for the inconvenience during login, the following reasons are possible:
  • Airlock Gateway configuration management roles are missing in the identity provisioning process.
  • The HMAC and/or the encryption key in Airlock IAM does not match the JWT secret in Airlock Gateway.
  • Only one role is propagated, but Claims Stored As Array for roles is not configured in the JWT Ticket Encoder.