Support request: Authelia automatically returns status 200 with Traefik 2.4.5 forwardauth

As the title says, I have traefik working fine and exposing containers. I also have authelia working independently. I can navigate to the authelia container and login, even 2FA works. However, when I use forwardauth middleware to protect even the traefik dashboard or any container, Authelia automatically returns status code 200 when it gets the request. Thus, I never receive the challenge, and anyone can access anything.

Traefik logs show nothing abnormal, and according to the trace-level logs with Authelia, it is detecting the forward auth. However, the logs just show:

2021-03-08T02:40:40.676804351Z time="2021-03-08T02:40:40Z" level=trace msg="Request hit" method=GET path=/verify remote_ip=

2021-03-08T02:40:40.676813578Z time="2021-03-08T02:40:40Z" level=trace msg="Replied (status=200)" method=GET path=/verify remote_ip=

Due to this trace logging, I assume Traefik is forwarding the authentication to Authelia properly. I suspect I have something mis-configured in Authelia. However, I suspect I have been staring at this for too long and am missing something obvious.

Here is a pastebin for the Traefik and Authelia docker-compose and configurations: #Traefik docker-composeversion: '3'services: traefik: -

You can see I followed this guide by Spad at LinuxServer.IO and have done my best to cross-reference with the examples in the official Authelia lite deployment GitHub here: authelia/configuration.yml at master · authelia/authelia · GitHub

Update: I reversed the root directory and sub folders. Turns out forward auth only works when authelia is at a root directory, in this case However, a curious interaction is the traefik dashboard must have both /api and /dashboard sub directories routed to it. Unfortunately, this conflicts with Authelia when /api is used as the 1st level subdirectory. For now, this works, though I have lost functionality of the dashboard. Logging this as an issue with Traefik on github.

Edit: working (mostly) configuration for any future search engines: #traefik docker-composeversion: '3'services: traefik: -

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.