I use my own OpenID authentication in docker, with Cloudflared and Authelia.
Everything was fine until today, when I got this error:
Authentication Error
Failed to fetch user/group information from the identity provider
I have a same authentication method on a different zone, a compare the logs.
Wrong auth:
time=“2023-09-18T07:13:54Z” level=debug msg=“Authorization Request with id ‘ad65020e-438e-4b7d-840c-cda6b06c9c2e’ on client with id ‘cloudflare-2fa’ was successfully processed, proceeding to build Authorization Response” method=GET path=/api/oidc/authorization remote_ip=18.184.21.85
The good one:
time=“2023-09-18T07:20:12Z” level=debug msg=“Authorization Request with id ‘fb716695-4e48-491c-8b98-458d68cecbfa’ on client with id ‘XXXXXXX-2fa’ was successfully processed, proceeding to build Authorization Response” method=GET path=/api/oidc/authorization remote_ip=18.184.21.85
time=“2023-09-18T07:20:12Z” level=debug msg=“Access Request with id ‘fb716695-4e48-491c-8b98-458d68cecbfa’ on client with id ‘XXXXXXX-2fa’ is being processed” method=POST path=/api/oidc/token remote_ip=“2a06:98c0:3600::103”
time=“2023-09-18T07:20:12Z” level=debug msg=“Access Request with id ‘fb716695-4e48-491c-8b98-458d68cecbfa’ on client with id ‘XXXXXXX-2fa’ has successfully been processed” method=POST path=/api/oidc/token remote_ip=“2a06:98c0:3600::103”
The difference is the last two line. BUT: in this lines the remote ip changes to IPV6!!!
My docker machine do not use use IPV6, so I think problem is this.
I already turn off IPv6 Compatibility on the domain, but still not work.
How can I set zerotrust to do not use IPV6 is our communication?