0

I use this architecture :

AWS API Gateway (Lambda Authorizer) -> NLB -> Proxy (Nginx container) -> Backend container (private subnet)

When I call an API with a valid token I get error on Cloudwatch (Nginx container) :

Method response headers: {Server=nginx/1.16.1, Date=Mon, 28 Jun 2021 07:16:28 GMT, Content-Length=0, 
Connection=keep-alive, Vary=Origin,Access-Control-Request-Method,Access-Control-Request-Headers, 
WWW-Authenticate=Bearer error="invalid_token", error_description="An error occurred while attempting to decode the Jwt: 
Unable to resolve the Configuration with the provided Issuer of 
https://olaqinb2c.b2clogin.com/[tenant-id]/null/v2.0/", 
error_uri="https://tools.ietf.org/html/rfc6750#section-3.1", X-Content-Type-Options=nosniff, 
X-XSS-Protection=1; mode=block, Cache-Control=no-cache, no-store, max-age=0, must-revalidate, Pragma=no-cache, Expires=0, X-Frame-Options=DENY}

Before this migration (cognito to Azure AD B2C), I use Cognito with AWS Api Gateway and it's workin fine.

Also, on my local pc without API gateway and Nginx proxy, It's working fine.

Thank you for your help

A. Hafid
  • 429
  • 6
  • 14

1 Answers1

0

Are you using Proxy configuration for the Requests coming to your API Gateway or are you mapping every single request? You can also enable API Gateway Logs for checking if your are recieving all the parameters correctly.

Diego T. P.
  • 43
  • 2
  • This does not provide an answer to the question. Once you have sufficient [reputation](https://stackoverflow.com/help/whats-reputation) you will be able to [comment on any post](https://stackoverflow.com/help/privileges/comment); instead, [provide answers that don't require clarification from the asker](https://meta.stackexchange.com/questions/214173/why-do-i-need-50-reputation-to-comment-what-can-i-do-instead). – Tummala Dhanvi Sep 02 '21 at 16:13