500 Error from AWS ALB after Success Login and Success Exchange

Has anyone else had any issues setting up Auth0 as an authentication provider for an ALB on AWS?

I’ve followed the AWS docs and created a Regular Web Application. I’ve set the authentication rule on the ALB and tested.

As a client, I’m redirected to the login screen, login successfully but then receive a 500 error from the ALB when attempting to get /oauth2/idpresponse.

I’ve checked the logs and can see that I’ve got a Success Login and Success Exchange event.

Literally no info on the 500 from Amazon.

Has anyone seen this before?

Thanks in advance

If you see a successful authorization code exchange in the Auth0 logs, this would mean that AWS should at least have received the tokens in question, so the failure may be in the process to validate/use the received tokens.

Ideally there should be additional error information somewhere on the AWS side, as otherwise it will be a bit of a guessing game. If you haven’t done so already, I would double-check the configuration on the AWS side and also possibly try to do the login while having rules disabled in the Auth0 tenant. The reason to disable rules is that rules can override the scopes requested by an application, and AWS may require specific scopes.

Thanks @jmangelo - I don’t have any rules set at the moment.

It would be great to know if anyone has managed to get this working with an ALB in AWS.

Cheers,

Linford

Hi there,

Have you figured out the issue?

Thanks

no, gave up long ago…

Late to the thread here, but in case it helps: I solved this problem by enabling an outgoing rule in my ALB security group to 0.0.0.0/0 port 443. This is required for the ALB to contact Auth0/Google/etc., whoever the IdP is.
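As an added example (not code from the thread or from AWS), here is a small preflight check for the condition described in the last reply: it reads the JSON that `aws ec2 describe-security-groups` returns (the `SecurityGroups[].IpPermissionsEgress[]` layout, with `IpProtocol`, `FromPort`, `ToPort` and `IpRanges[].CidrIp`), classifies each group's outbound access to TCP 443, and prints the `authorize-security-group-egress` call that adds the missing rule. The security group IDs and rule sets below are constructed sample data; the `idp_egress_status` and `fix_command` names are this example's own.

```python
import ipaddress
import json

# Constructed sample in the shape of `aws ec2 describe-security-groups` output,
# trimmed to the fields this check reads. Group IDs are made up.
SAMPLE_DESCRIBE_OUTPUT = json.dumps({
    "SecurityGroups": [
        {   # Typical "broken" ALB group: inbound was configured, all egress removed
            "GroupId": "sg-0a1b2c3d4e5f60001",
            "GroupName": "alb-no-egress",
            "IpPermissionsEgress": [],
        },
        {   # Egress only to the target subnet on the app port; IdP still unreachable
            "GroupId": "sg-0a1b2c3d4e5f60002",
            "GroupName": "alb-targets-only",
            "IpPermissionsEgress": [
                {"IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080,
                 "IpRanges": [{"CidrIp": "10.0.0.0/16"}], "Ipv6Ranges": []},
            ],
        },
        {   # The fix from the thread: TCP 443 out to 0.0.0.0/0
            "GroupId": "sg-0a1b2c3d4e5f60003",
            "GroupName": "alb-fixed",
            "IpPermissionsEgress": [
                {"IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080,
                 "IpRanges": [{"CidrIp": "10.0.0.0/16"}], "Ipv6Ranges": []},
                {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
                 "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
            ],
        },
        {   # Default "all traffic" egress ("-1" = all protocols) also satisfies it
            "GroupId": "sg-0a1b2c3d4e5f60004",
            "GroupName": "alb-default-egress",
            "IpPermissionsEgress": [
                {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
            ],
        },
    ]
})

IDP_PORT = 443  # the ALB talks HTTPS to the IdP's token/userinfo endpoints


def rule_covers_port(rule, port):
    """True if an egress rule's protocol and port range include TCP `port`."""
    proto = rule.get("IpProtocol")
    if proto == "-1":            # all protocols; FromPort/ToPort are absent
        return True
    if proto != "tcp":
        return False
    return rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)


def idp_egress_status(group, port=IDP_PORT):
    """Classify one security group's outbound access to a public HTTPS IdP.

    'open'       - some rule allows TCP `port` to 0.0.0.0/0 (the fix in the thread)
    'restricted' - TCP `port` is allowed only to narrower IPv4 CIDRs; this works
                   only if those happen to cover the IdP's addresses, so flag it
    'blocked'    - nothing allows TCP `port` out at all
    """
    status = "blocked"
    for rule in group.get("IpPermissionsEgress", []):
        if not rule_covers_port(rule, port):
            continue
        for entry in rule.get("IpRanges", []):
            if ipaddress.ip_network(entry["CidrIp"]).prefixlen == 0:  # 0.0.0.0/0
                return "open"
            status = "restricted"
    return status


def fix_command(group_id, port=IDP_PORT):
    """AWS CLI call (documented --ip-permissions form) adding the egress rule."""
    return (f"aws ec2 authorize-security-group-egress --group-id {group_id} "
            f"--ip-permissions IpProtocol=tcp,FromPort={port},ToPort={port},"
            f"IpRanges='[{{CidrIp=0.0.0.0/0}}]'")


def audit(describe_output_json):
    """Map GroupId -> egress status for every group in describe-security-groups output."""
    data = json.loads(describe_output_json)
    return {g["GroupId"]: idp_egress_status(g) for g in data["SecurityGroups"]}


if __name__ == "__main__":
    # Offline run over the constructed sample; pipe real output in instead:
    #   aws ec2 describe-security-groups --group-ids sg-... > sgs.json
    for group_id, status in audit(SAMPLE_DESCRIBE_OUTPUT).items():
        print(f"{group_id}: {status}")
        if status != "open":
            print("  fix:", fix_command(group_id))
```

Running this against the ALB's actual security group before testing the login turns the ALB's opaque 500 on /oauth2/idpresponse into a concrete yes/no on whether the load balancer can reach the IdP at all; a 'restricted' result is worth a second look because the IdP's public endpoints are not a fixed address you can safely pin in a CIDR.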