I would like to seek guidance on configuring the following setup for Okta OIDC + OAuth2 protection:
User Agent → Nginx on port 8080 → proxy pass → Spring Boot microservice on port 8888
I have followed the Okta guidelines for securing my microservice. When I invoke the service endpoint on port 8888, I am presented with a login challenge, and on supplying the correct credentials I am able to sign in and navigate through the functionality of the microservice.
I would like to add network access protection via nginx. I have set up the server block to proxy_pass requests on port 8080 (on, say, /api) to port 8888.
What settings must I use in nginx and in my Okta app configuration to allow the proxy_pass to be recognized by Okta and the Spring microservice? At present, if I invoke the /api endpoint on port 8080, I end up seeing ‘:8080/oauth2/authorization/okta’ in the address bar of my browser. I am unable to see the sign-in page when trying to access the microservice through the nginx reverse proxy layer.
Your help and guidance will be truly appreciated.