When following this blog post and similar resources to setup AWS JWT Authorizers, the following error is returned when validating the JWT:
error="invalid_token" error_description="the issuer in the OIDC discovery endpoint metadata does not match the configured issuer".
- 401 error returned
- login will fail
The issuer had been inaccurately setup during the configuration of the JWT Authorizer by not including the trailing ‘/’ of the Issuer URL.
Confirm the Issuer URL in AWS includes the trailing ‘/’ and is otherwise accurately configured.