[“identity_provider”,“Invalid response received from Authorization Server. Expected JSON.”]
This is the message in Mailcow UI logs I get consistently when trying to login with Authentik Oauth2/OpenID to Mailcow and the login fails.
Setup is entirely self-hosted: fresh install of Mailcow 2025-09b, Authentik 2025.8.4 that works well with 15+ other OIDC-capable services and Nginx Proxy Manager in front of both. I have read and followed both the Authentik guide at https://integrations.goauthentik.io/chat-communication-collaboration/mailcow/ , the Mailcow guide at https://docs.mailcow.email/manual-guides/mailcow-UI/u_e-mailcow_ui-generic-oidc/ and the thorough post at mailcow/mailcow-dockerized5445 - Nothing works and nothing helps–the error persists and it is not possible to login to Mailcow as a user via OIDC.
The mailbox is created in Mailcow beforehand, and has the same login email address as the user in Authentik. The mailbox has Generic-OIDC as identity provider. The Authentik configuration with provider and application is re-created at least 3 times now with the guides above. Re-installed Mailcow two times.
I fail to see that my problem is within the scope of the documented installation manuals. This has got to be something else, like Authentik sending the JWT in some unexpected format or something like that, this is what the error message kind of points at.
Any ideas? How can I troubleshoot this?
Mailcows logging is not very helpful here. A better log of the OIDC would be great.