Hello, we have GoodData docker running in our development environments and those are configured to use our own IdP so that we can use same token as our main application. In some cases the authentication token is larger and we end up into 503 error in user interface. Logs tell us that the header is too large for the nginx:

2023/03/22 12:00:09 [error] 2155#2155: *17315 upstream sent too big header while reading response header from upstream, client: 10.50.46.72, server: _, request: "GET /login/oauth2/code/...

Is there any way to increase the maximum header size for the docker?

the built-in nginx has

client_header_buffer_size

set to 16k. Currently there's no way how to override this limit on customer side, without building custom image based on gooddata-cn-ce image.

Ok, thanks! Do we have similar limit in the cloud ?

Hi Juha-Pekka, the same limitation is present in Cloud as well.

It should not be a problem to increase it. @Juha-Pekka Laine - do you have estimate, how many bytes the request headers have AND how big is the longest header (

Cookie:

I guess)

I need to check how big those might be. We have some special rules in Auth0 that will actually increase the size of authentication and identification token. We can do something to reduce the size, as we have identified already the challenge with large tokens.

great, please let us know if you find approximate sizes

From cloud.gooddata.com EU:

I identified error in our code and will file an issue. Thanks for reporting. Based on our assumptions, all services should accept 16kB long headers. Unfortunately some of them accept at most 8kB. 😞

Thanks for investigating this. In the meanwhile, we try to apply some tricks to keep it under 8k. In microservice backend we need to have extra authorization info there, but maybe we can do something