I have activated Identity Aware Proxy on a GCP Load Balancer and configured it to authenticate the users against my OIDC Identity Provider (Auth0) through Google Identity Platform with a default login page hosted on Cloud Run.
When I browse my application I get redirected to the login page, but then this happens:
although the document is available and publicly reachable at that URL:
I followed GCP documentation step by step and cannot find any troubleshooting guide. Any thoughts?
Thanks
Ok, solved.
The problem was I had configured my Google Identity Platform OIDC Provider with the full metadata document URL
while only the issuer base URL was expected
Newbie mistake, I know, but the error message is misleading, IMO, because it reports the URL where the document actually is. If the returned message had been
the misconfiguration would have been immediately apparent.