26 Mar
2025
26 Mar
'25
4:44 a.m.
This is running on OS: Linux 6.1.0-28-amd64 x86_64 Debian 11.11 on amd64 hardware with an ext4 filesystem.
My uneducated guess is authentik sent a token that was bigger than Dovecot expected; the OAuth2 spec doesn’t define a maximum size. As an example, Authentik client secrets are 128 characters long by default, which looks like it would overflow the payload buffer defined in oauth2_client_secret_start. (I edited my Authentik client secret to make it small enough to fit and it didn’t fix the problem).