Here is the scenario
- Kubernetes cluster
- Kong proxy and ingress controller with TLS certificate deployed for HTTPS termination
- .NET ASP web application with authentication based on Azure AD
- .NET ASP app runs on Kestrel and listens on HTTP
- no Kong authentication plugins used
Are there any additional configuration requirements to be applied on Kong proxy in order to make the Azure AD authentication work?
I imagined it should be a common scenario to use Azure AD authentication behind NGINX(-based) proxy, but I’m hitting some walls and despite redirect URLs being generated correctly, I’m observing Kong blocking the traffic at some point with Bad Request.
I found this guide which suggests there is some configurationrequired, but I have no idea how this could be applied to Kong on Kubernetes: