Problem statement
When following this blog post and similar resources to set up AWS JWT Authorizers, the following error is returned when validating the JWT:
error="invalid_token" error_description="the issuer in the OIDC discovery endpoint metadata does not match the configured issuer".
Symptoms
- 401 error returned
- login will fail
Cause
The issuer was set up incorrectly when the JWT Authorizer was configured: the trailing ‘/’ of the Issuer URL was not included.
Solution
Confirm the Issuer URL in AWS includes the trailing ‘/’ and is otherwise accurately configured.
https://{YOUR_TENANT}.{REGION}.auth0.com/
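The check behind this error can be reproduced offline. The following is an added example, not code from the original article, AWS or Auth0; the function names are hypothetical and the tenant "example-tenant" in region "us" is a constructed placeholder. It compares a configured issuer with the issuer published in a discovery document and reports when the only difference is the trailing ‘/’.

```python
import json

# Constructed sample: the relevant fields of an OIDC discovery document.
# "example-tenant" and "us" are placeholders, not real values.
SAMPLE_METADATA = json.loads("""
{
  "issuer": "https://example-tenant.us.auth0.com/",
  "jwks_uri": "https://example-tenant.us.auth0.com/.well-known/jwks.json"
}
""")


def discovery_url(configured_issuer):
    # OpenID Connect Discovery removes a terminating "/" before appending the
    # well-known path, so both spellings of the issuer reach the same document.
    return configured_issuer.rstrip("/") + "/.well-known/openid-configuration"


def diagnose_issuer(configured_issuer, metadata):
    """Return (status, hint) for a configured issuer versus the metadata issuer.

    This function compares the two values as exact strings, so a missing
    trailing "/" alone is reported as a mismatch.
    """
    published = metadata.get("issuer")
    if not isinstance(published, str):
        return ("no-issuer", "metadata has no usable 'issuer' field")
    if configured_issuer == published:
        return ("match", "configured issuer is identical to the metadata issuer")
    if configured_issuer.rstrip("/") == published.rstrip("/"):
        return ("trailing-slash", "set the issuer to exactly " + published)
    if configured_issuer.strip() == published:
        return ("whitespace", "remove leading or trailing whitespace")
    if configured_issuer.lower() == published.lower():
        return ("case", "set the issuer to exactly " + published)
    return ("different", "metadata publishes " + published)


if __name__ == "__main__":
    for candidate in ("https://example-tenant.us.auth0.com",
                      "https://example-tenant.us.auth0.com/"):
        print(candidate, discovery_url(candidate),
              diagnose_issuer(candidate, SAMPLE_METADATA))
```

To check a real tenant, load the JSON returned by the discovery URL in place of SAMPLE_METADATA and pass the Issuer URL exactly as entered in the authorizer.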