I have a Kibana endpoint in an AWS VPC that I’m trying to secure using an Application Load Balancer with OIDC and Auth0.
I have created a ‘Regular Web Application’ in Auth0 and used the respective URL endpoints from the advanced settings in the setup of the ALB in AWS, and of course the ClientId and ClientSecret.
When trying to access the ALB endpoint, I get correctly redirected to Auth0, and after logging in I also get redirected to the callback (the /idpresponse one). However, at this point the ALB returns a 401 ‘Authorization Required’ message.
When I look in the logs of the Auth0 tenant, I actually see both a Successful Login (from the client) and a Successful Exchange (from the ALB).
Checking the access logs from the ALB, it logs that the IdToken is incorrect, but given the lack of any verbose logging I have no idea what would actually be wrong here.
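An offline check of the ID token the balancer rejects, added here as an example and not code from the original post or from AWS/Auth0: it decodes the token without verifying it and reports the fields an OIDC relying party such as the ALB compares against its listener configuration (issuer, client id as audience, expiry, and a public-key algorithm plus `kid` so the signature can be checked against the issuer's JWKS). The issuer, client id and token below are constructed placeholders.

```python
import base64
import json
import time

def _b64url_decode(part: str) -> bytes:
    """Decode a base64url segment, restoring the padding JWTs strip."""
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def _b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def decode_jwt(token: str):
    """Split a compact JWT into (header, claims, signature) WITHOUT verifying it."""
    header_b64, claims_b64, sig_b64 = token.split(".")
    return (json.loads(_b64url_decode(header_b64)),
            json.loads(_b64url_decode(claims_b64)),
            _b64url_decode(sig_b64))

def check_id_token(token, expected_iss, expected_aud, now=None):
    """Return the reasons a relying party would reject this ID token ([] = looks fine)."""
    now = now if now is not None else int(time.time())
    header, claims, _ = decode_jwt(token)
    problems = []
    # A verifier that fetches public keys from a JWKS URL can only check
    # asymmetric signatures; RS256 is the algorithm assumed here.
    if header.get("alg") != "RS256":
        problems.append(f"alg is {header.get('alg')!r}; expected RS256")
    if "kid" not in header:
        problems.append("header has no kid; verifier cannot select a JWKS key")
    # Issuer comparison is exact: Auth0 issuers end with a trailing slash.
    if claims.get("iss") != expected_iss:
        problems.append(f"iss {claims.get('iss')!r} != issuer {expected_iss!r}")
    aud = claims.get("aud")
    if expected_aud not in (aud if isinstance(aud, list) else [aud]):
        problems.append(f"aud {aud!r} does not contain client id {expected_aud!r}")
    if claims.get("exp") is None or claims["exp"] <= now:
        problems.append("token is expired or has no exp")
    return problems

def make_sample_token(alg, iss, aud, exp):
    """Build a CONSTRUCTED token with a dummy signature for offline demonstration."""
    header = {"alg": alg, "typ": "JWT"}
    if alg == "RS256":
        header["kid"] = "example-kid"  # placeholder key id
    claims = {"iss": iss, "sub": "auth0|example", "aud": aud, "exp": exp, "iat": exp - 3600}
    return ".".join([_b64url_encode(json.dumps(header).encode()),
                     _b64url_encode(json.dumps(claims).encode()),
                     _b64url_encode(b"not-a-real-signature")])

if __name__ == "__main__":
    ISS, AUD = "https://example-tenant.auth0.com/", "EXAMPLE_CLIENT_ID"  # placeholders
    bad = make_sample_token("HS256", ISS, "other-client", exp=2_000_000_000)
    for problem in check_id_token(bad, ISS, AUD, now=1_900_000_000):
        print("-", problem)
```

Paste a real ID token from the tenant in place of the constructed one; an empty result means the token's claims match the listener settings and the remaining suspect is signature verification against the JWKS endpoint.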