414 Request-URI Too Large behind AWS application load balancer

I have an application that is running on an EC2 instance in AWS that uses Auth0. When I visit the app at the EC2’s public IP address, auth0 (i.e., authentication and everything supporting it) works without issue.

However, when I attempt to put the app behind an application load balancer, I receive a 414 Request-URI Too Large error and never see the authentication page.

I am unclear why introducing the load balancer in this scenario is causing issues.

To configure the load balancer and app, we followed the instructions here: Securing your applications with AWS ALB Built-in Authentication and Auth0 | by Sandrino Di Mattia | Medium. Are these instructions dated?

A few notes: 1) when auth0 is not used, the load balancer works as expected and routes traffic to target servers appropriately, 2) when the load balancer is not used, the authentication process through auth0 works as expected (i.e., uses can authenticate and use the app via the EC2’s public IP address), and 3) when trying to use both auth0 and the load balancer is when we get the 414 error.

Any ideas?

1 Like

I’ve come across a similar issue with the AWS ALB using Auth0 + cognito for authentication. Was this resolved?

I resolved the issue. In my case, t was because “client secret” had not been enabled for the application in AWS Cognito. This is a requirement for ALB to use Cognito.