X-Forwarded-Proto is changed when using Auth Forward Setting

Traefik v1.7.14 is deployed inside a Service Fabric cluster with a following setup:

Client --- HTTPs ---> Azure Load Balancer --- HTTP ---> Traefik

We deploy a sidecar in the cluster using which we integrate Traefik's API endpoint with Azure AD. We then configure Traefik's API endpoint with "Auth Forward" through this service:

[entryPoints.traefik]
    address = ":8080"
    [entryPoints.traefik.auth]
      [entryPoints.traefik.auth.forward]
        address = "http://localhost:4181"
        authResponseHeaders = ["X-Forwarded-User"]

The auth service (sidecar) uses "X-Forwarded-Proto" to build a redirect URI and make requests to Azure AD. However, the value is HTTP, not HTTPs.

Why wouldn't Traefik preserve client request's protocol?

Somewhere in the documentation there is a mention of "trustForwardHeader" setting. I guess that's false by default. I'm gonna try setting that to True and see.