Skip to main content

General troubleshooting steps

Set the log level to TRACE

Setting the log level to trace configures the outpost to trace-log all the headers given in forward auth requests.

This is helpful to confirm that certain required Headers are correctly forwarded from the reverse proxy.

When using the embedded Outpost

Set the authentik log level to TRACE:

Add the following block to your .env file:

AUTHENTIK_LOG_LEVEL=trace

Afterwards, run docker compose up -d.

When using a standard outpost

Edit the outpost settings and set log_level: trace. This setting should propagate to the outpost instances within a couple seconds.

Ensure /outpost.goauthentik.io is accessible

Everything under /outpost.goauthentik.io should be publicly accessible, as URLs under this path are used for authentication.

To check this, run curl -v https://app.company/outpost.goauthentik.io/ping. A correct setup should contain output looking like this:

[...]
< HTTP/2 204
[...]