I've set up JWT authentication on my Application Load Balancer (ALB) and I'm running into issues. Even after configuring it on a different host header and a sub-path, plus placing it at the end of my rules list, the callback to /oauth2/idpresponse isn't functioning correctly. As soon as I remove the last rule, the OIDC authentication starts working again. Has anyone else faced a similar problem?
1 Answer
It sounds like you might be experiencing a priority issue with your ALB rules, even if they’re placed in the correct order. The rules aren't just about their placement; sometimes specific combinations can cause unexpected behavior. What exact rule are you trying to implement for JWT? Could you share the details or any logs? Sometimes seeing the actual rules can help diagnose the problem better.

Here's a link to an image showing my current setup. In this configuration, OIDC authentication isn't working. Once I delete the last rule, leaving just a default 404, OIDC starts functioning again. It feels like it might be a bug with how ALB handles multiple auth methods. Anyone have thoughts on this?
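The answer suggests looking at how the rules and their conditions interact rather than only at their order. The following is an added example, not code from the question, the answer or AWS: it replays ALB's documented rule-evaluation order (non-default rules in ascending priority, first match wins, every condition in a rule must hold, values inside one condition are OR-ed, `*` and `?` wildcards, case-insensitive host matching, case-sensitive path matching) against a constructed rule set shaped like `aws elbv2 describe-rules` output, and reports which user-defined rule the IdP callback request to /oauth2/idpresponse would land on for each host. The host names, priorities and the `jwt-verification` action label are assumptions; the script does not model the listener's own handling of the callback path, only which of your rules the request would otherwise match.

```python
"""Replay ALB listener-rule evaluation for a request (added example, not ALB code)."""
import re

# Constructed sample rules, in the shape of `aws elbv2 describe-rules` output.
# Action types are labels for illustration; "jwt-verification" is an assumed name.
SAMPLE_RULES = [
    {
        "Priority": "10",
        "Conditions": [
            {"Field": "host-header", "HostHeaderConfig": {"Values": ["app.example.com"]}},
        ],
        "Actions": [{"Type": "authenticate-oidc"}, {"Type": "forward"}],
    },
    {
        "Priority": "20",
        "Conditions": [
            {"Field": "host-header", "HostHeaderConfig": {"Values": ["api.example.com"]}},
            {"Field": "path-pattern", "PathPatternConfig": {"Values": ["/jwt/*"]}},
        ],
        "Actions": [{"Type": "jwt-verification"}, {"Type": "forward"}],
    },
    {
        "Priority": "default",
        "IsDefault": True,
        "Conditions": [],
        "Actions": [{"Type": "fixed-response"}],
    },
]


def _glob_to_regex(pattern):
    """ALB wildcards: '*' matches zero or more characters, '?' exactly one."""
    body = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c) for c in pattern)
    return re.compile(f"^{body}$")


def _condition_matches(cond, host, path):
    """Values within a single condition are OR-ed; hosts compare case-insensitively,
    paths case-sensitively. Only the two condition types used here are modelled."""
    field = cond["Field"]
    if field == "host-header":
        values = cond["HostHeaderConfig"]["Values"]
        return any(_glob_to_regex(v.lower()).match(host.lower()) for v in values)
    if field == "path-pattern":
        values = cond["PathPatternConfig"]["Values"]
        return any(_glob_to_regex(v).match(path) for v in values)
    raise ValueError(f"condition type not modelled in this example: {field}")


def _priority_key(rule):
    # The default rule is always evaluated last.
    return float("inf") if rule.get("IsDefault") else int(rule["Priority"])


def first_matching_rule(rules, host, path):
    """Lowest priority number wins; all conditions in a rule must hold (AND)."""
    for rule in sorted(rules, key=_priority_key):
        if rule.get("IsDefault") or all(_condition_matches(c, host, path) for c in rule["Conditions"]):
            return rule
    return None


def callback_route(rules, host):
    """Report (priority, action types) of the rule the IdP callback would hit on a host."""
    rule = first_matching_rule(rules, host, "/oauth2/idpresponse")
    return rule["Priority"], [a["Type"] for a in rule["Actions"]]


if __name__ == "__main__":
    for h in ("app.example.com", "api.example.com"):
        print(h, callback_route(SAMPLE_RULES, h))
```

To use it against a real listener, replace `SAMPLE_RULES` with the `Rules` array from `aws elbv2 describe-rules --listener-arn <arn>` and call `callback_route` with each host you expect the IdP to redirect back to; a callback that lands on the default rule or on a rule without the authenticate action is worth a closer look before assuming an ALB bug.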