enchant97 / note-mark

Note Mark is a lightning fast and minimal, web-based Markdown notes app.
https://notemark.docs.enchantedcode.co.uk/
GNU Affero General Public License v3.0
313 stars 8 forks

(BUG) proxy forward auth/IDP and CORS #183

Closed wurst44 closed 8 months ago

wurst44 commented 8 months ago

Is there an existing issue for this?

Is This A Security Issue?

Describe The Problem

Hi, very nice, slim app 👍 I am using an nginx reverse proxy and everything works fine. I also enabled CORS (tried both * and my TLDs) and using no cache...


When I enable my Authentik proxy forward auth/IDP the app tries to make a request to /api which is forwarded to my IDP auth.TLD.com:


Access to fetch at 'https://auth.TLD.com/application/o/authorize/?client_id=EuOyaHfRyXXXXe.com%2Foutpost.goauthentik.io%2Fcallback%3FX-authentik-auth-callback%3DtrXXXXn8Q' (redirected from 'https://note.TLD.com/api/users/me') from origin 'https://note.TLD.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

This seems to fail because of missing CORS headers. Any ideas on this?

Expected Behavior

No Error with a proxy forward auth setup.

Steps To Reproduce

No response

Environment

No response

Extra Context

No response

enchant97 commented 8 months ago

I do not offer support for integrating with other applications/reverse-proxies. I also have no experience with Authentik so cannot help with this.

Closing as this seems unlikely to be an issue of the core application.
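
The failure reported above, handled on the client side, as an added example that is not Note Mark code and not part of the issue thread: a `fetch` wrapper that does not follow the proxy's redirect to the IdP (the step the browser blocks under CORS) and instead signals that a top-level navigation is needed to re-authenticate. The names `classifyApiResponse`, `apiFetch` and `onReauth` are hypothetical, and the sample responses are constructed.

```javascript
// Added example. A forward-auth proxy answers an unauthenticated /api request
// with a redirect to the IdP. fetch() follows it cross-origin and CORS blocks
// it; a top-level navigation to the same URL is not subject to CORS.

function classifyApiResponse(res) {
  // Browsers with redirect: 'manual' return a filtered response, status 0.
  if (res.type === 'opaqueredirect') return 'reauth';
  // Non-browser runtimes may expose the 3xx response directly.
  if (res.status >= 300 && res.status < 400) return 'reauth';
  // Assumption: a proxy may also be set up to answer API calls with 401.
  if (res.status === 401) return 'reauth';
  // Redirect was followed to a same-origin login page: HTML instead of JSON.
  const ctype = (res.headers && res.headers.get('content-type')) || '';
  if (res.redirected && !ctype.includes('application/json')) return 'reauth';
  return res.ok ? 'ok' : 'error';
}

async function apiFetch(path, { fetchImpl = (...a) => fetch(...a), onReauth } = {}) {
  const res = await fetchImpl(path, {
    redirect: 'manual',          // do not chase the redirect to the IdP
    credentials: 'same-origin',  // send the proxy session cookie
  });
  const verdict = classifyApiResponse(res);
  if (verdict === 'reauth') {
    // In a browser: onReauth = () => window.location.reload();
    // the full-page load lets the proxy redirect to the IdP login.
    if (onReauth) onReauth();
    return null;
  }
  if (verdict === 'error') throw new Error(`API request failed: ${res.status}`);
  return res.json();
}

// Constructed sample responses (shape of the Fetch API Response fields used).
const SAMPLES = [
  { type: 'opaqueredirect', status: 0, ok: false, redirected: false, headers: new Map() },
  { type: 'basic', status: 200, ok: true, redirected: false,
    headers: new Map([['content-type', 'application/json']]) },
  { type: 'basic', status: 200, ok: true, redirected: true,
    headers: new Map([['content-type', 'text/html; charset=utf-8']]) },
];

function classifySamples() {
  return SAMPLES.map(classifyApiResponse);
}
```
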