API Gateway jwt authorizer OIDC discovery endpoint

0

Hi all,

I need to setup an API Gateway JWT authorizer using Okta as provider.
Unfortunately the issuer is not directly accessible and I have to whitelist its URLs.
I have whitelisted:
https://okta-domain/.well-known/openid-configuration
https://okta-domain/.well-known/oauth-authorization-server
https://okta-domain/v1/keys

but it seems it is not enough as accessing I still get:
www-authenticate: Bearer scope="" error="invalid_token" error_description="non-200 status code received from OIDC discovery endpoint"

Do you know which other URLs do I need to whitelist?

Thanks!

realbot
gefragt vor 3 Jahren1036 Aufrufe
1 Antwort
1

To answer my own question for others, the endpoints were ok.
Requests were blocked because they missed accept and user agent headers.

Best

realbot
beantwortet vor 3 Jahren

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen