By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

API Gateway jwt authorizer OIDC discovery endpoint

0

Hi all,

I need to setup an API Gateway JWT authorizer using Okta as provider.
Unfortunately the issuer is not directly accessible and I have to whitelist its URLs.
I have whitelisted:
https://okta-domain/.well-known/openid-configuration
https://okta-domain/.well-known/oauth-authorization-server
https://okta-domain/v1/keys

but it seems it is not enough as accessing I still get:
www-authenticate: Bearer scope="" error="invalid_token" error_description="non-200 status code received from OIDC discovery endpoint"

Do you know which other URLs do I need to whitelist?

Thanks!

Topics
ServerlessFront-End Web & MobileNetworking & Content Delivery
Tags
Amazon API Gateway
Language
English
realbot
asked 3 years ago887 views
1 Answer
1

To answer my own question for others, the endpoints were ok.
Requests were blocked because they missed accept and user agent headers.

Best

realbot
answered 3 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content