Application Load Balancer doesn't send user claims in HTTP headers

0

I'm trying to authenticate users using aws alb.

I have Open ID Connect Provider application and it works.

Following https://docs.amazonaws.cn/en_us/elasticloadbalancing/latest/application/listener-authenticate-users.html#authentication-flow , after user authenticated, load balancer should send the user claims in HTTP headers.

My OIDC provider application sends user claims to LB, but I cannot find x-amzn-oidc-* headers from the request.

How do I get x-amzn-oidc-* headers from LB?

asked 4 years ago1914 views
2 Answers
0
Accepted Answer

Hi,

Once the user is authenticated by the IdP and user claims are sent to the ALB, the ALB should be sending the x-amzn-oidc-* headers to the backends with every request.
Can you confirm if you are checking for headers on the client side or on the server?
Note that the headers are not set on the client side for the responses but are set only on the requests sent to the server. Hence will only be visible on your application side as normal HTTP headers.

If you are still facing issues please provide your ELB name so we can check on our end.

AWS
answered 4 years ago
0

Hi,
I checked the header from client. When I check my server, I could get x-amzn-oidc-* headers.
Thanks.

answered 4 years ago
  • Hi @JangwookKim, I know it has been long but I am facing the same challenge. Would you be able to share how and where did you check the server for these headers? I am running a website (HTTPD backend) on EC2 behind an ALB. The authentication is working fine, but I am unable to see the x-amzn-* headers anywhere.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions