Emergency access and troubleshooting

Emergency access to the Airlock Gateway Configuration Center

When access management and identity propagation have been configured, direct access to the local Authentication Center login page remains available for local Airlock Gateway users. This can be useful in fallback or emergency scenarios — e.g., if Airlock IAM is temporarily unavailable.

  1. Use the URL /auth/login of Airlock Gateway, in a browser https://gw.example.com/auth/login.
  2. The login page of the Airlock Gateway Configuration Center appears.
  3. Use a local user (e.g., with the airlock-administrator role) to log in.
  4. Access to the Configuration Center is granted.
 
Functional limitation

Note that after failing login attempt or after pressing the Airlock Gateway Configuration Center logout button, the request will be redirected to the Airlock IAM loginpage.
You will have to re-enter the URL /auth/login to log in again.

Troubleshooting

If Airlock Gateway displays the error page Sorry for the inconvenience during login, one or more of the following causes may apply:

  • Airlock Gateway administrative roles are missing in the identity provisioning process.
  • The HMAC and/or the encryption key in Airlock IAM does not match the JWT secret in Airlock Gateway.
  • Only one role is propagated, but Claims Stored As Array for roles is not configured in the JWT Ticket Encoder.