Authorization fails when APIcast is configured as a proxy for RH-SSO on OpenShift
Issue
- Authorization fails in APIcast with status code:
403 Forbidden
when a Product is configured with Authentication method =OpenID Connect
while the OCP router and RH-SSO are configured as described in the Environment section and APIcast is used as a proxy for generating JWTs on RH-SSO.
Environment
-
Red Hat 3scale API Management Platform (3scale)
- 2
-
Red Hat Single Sign On (RH-SSO)
- 7.4
proxy-address-forwarding="true"
frontendUrl=""
- 7.4
-
Red Hat OpenShift Container Platform (OCP)
- 4
ROUTER_SET_FORWARDED_HEADERS={append|replace|IfNone}
- 4
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.