API Gateway jwt authorizer OIDC discovery endpoint

0

Hi all,

I need to setup an API Gateway JWT authorizer using Okta as provider.
Unfortunately the issuer is not directly accessible and I have to whitelist its URLs.
I have whitelisted:
https://okta-domain/.well-known/openid-configuration
https://okta-domain/.well-known/oauth-authorization-server
https://okta-domain/v1/keys

but it seems it is not enough as accessing I still get:
www-authenticate: Bearer scope="" error="invalid_token" error_description="non-200 status code received from OIDC discovery endpoint"

Do you know which other URLs do I need to whitelist?

Thanks!

realbot
asked a year ago210 views
1 Answer
0

To answer my own question for others, the endpoints were ok.
Requests were blocked because they missed accept and user agent headers.

Best

realbot
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions