Reputation: 352
Application Load Balancer Authoriation Header not passed through
I currently have an API on API Gateway (REST) that has a single proxy endpoint hooked up to an HTTP proxy integration. I have a cognito authorizer that authorizes incoming JWTs issued by Cognito and then if valid it forwards the request along to our ECS instance via an Application Load Balancer.
The project that is running in that instance requires the Authorization header to be there for authorization purposes. The problem is that header is not forwarded to the container. After much debugging, we determined that the header was going missing when the ALB isforwarding the request to the container (previously this question was asking about API Gateway because I assumed that's where things were going wrong). Other custom headers can go through but not "Authorization".
Does anyone have any experience persisting the Authorization header using ALB? I'm very new to ALB so still learning how to build these projects.
Upvotes: 1
Views: 5301
Answers (2)
Reputation: 352
We actually had two rules on the alb. One redirecting the api call from port 80 to port 443, then a forward rule to the container. We discovered that the header went missing at the redirect rule, so we eliminated that and added listener on port 80 that forwarded the call to the ecs task.
Upvotes: 0
Related Questions
- AWS application load balancer not forwarding requests
- AWS load balancer returns a 403 response?
- EKS Application Load Balancer AccessDenied Not authorized to perform
- AWS Application Load Balancer is accessible by IP Address
- Aws Application Load Balancer not accessible unless All traffic is allowed
- AWS Application Load Balancer : Request Header Or Cookie Too Large
- AWS Application Load Balancer not working
- Using Application Load Balancer with HTTPS
- AWS Elastic Load Balancer not Forwarding HTTP Headers to EC2 Instance
- AWS Application Load Balancer transforms all headers to lower case