Azure Front Door Reverse Proxy 403 Forbidden

travis.evers · October 10, 2024, 6:43pm

Overview

After verifying a new self managed certificate custom domain utilising Azure Front Door as a Reverse proxy, a 403 Forbidden error is seen from Cloudflare despite the cname-api-key header being passed in requests.

Applies To

Self-managed custom domains
Azure Front Door

Cause

This can be caused by an incorrect host header being sent in requests, if not specified it will normally default to the host name in use by the request, but this needs to be overridden.

Solution

Make sure in the Azure Front Door configuration that the field “origin host header” is set to the value of the “Origin Domain Name” provided in the Auth0 Tenant Dashboard when verifying the new custom domain:

Related Azure documentation here: Configure the origin host header for the origin

Topic		Replies	Views
Auth0 Custom Domain with reverse proxy not working Knowledge Articles custom-domain , proxy , reverse , cloudflare	1	1584	May 4, 2023
Custom Domain with Cloudfront Reverse Proxy "ERR_NAME_NOT_RESOLVED" Knowledge Articles custom-domain , dns , cloudfront , reverse-proxy	1	237	June 3, 2024
Patch-custom-domains-by-id: custom_client_ip_header allowlist is undocumented Feedback auth0	0	179	June 17, 2024
Rotate cname-api-key Knowledge Articles	1	429	January 12, 2024
Illegal ‘domain’ attribute “eu.auth0.com” Knowledge Articles certificate , cloudflare , domain , attribute , self-managed , auth0-managed	1	1072	August 24, 2023

Azure Front Door Reverse Proxy 403 Forbidden

Overview

Applies To

Cause

Solution

Related topics