Identity Aware Proxy (IAP) Invalid IAP Credentials: Invalid bearer token. Invalid JWT Audience

Hi there,

I have an internal, regional load balancer, that I tried securing with Identity Aware Proxy (IAP). The backend services are Cloud Run services. For some reason, it didn’t end up working, most likely because I’m using cross-project referencing, so the services are residing in project A and the load balancer is residing in project B. That’s not a big deal.

However, what’s become really painful is that even after deleting all disabling IAP for the backend services, deleting the OAuth credentials, and disabling iap.googleapis.com from both project A and project B, I’m still getting the following error:

Invalid IAP credentials: Invalid bearer token. Invalid JWT audience.

When sending a curl request to the load balancer, even though the APIs are entirely disabled and all the IAP components are deleted. I even tried deleting the backend services, deleting the Cloud Run services, and deleting the load balancers, and re-creating them, but it still gives the above error. The same curl request used to work before experimenting with IAP.

I’d really appreciate some support on this. Thanks for the help. Let me know if you have any questions!

7 Likes

Hmmmmm. Did you ever solve this?!