I am learning how to use mTLS with IdPs, and the one I am testing now is Cloudentity.
I've followed their documentation to configure the application.
When I tried to send the request to the token endpoint, I got a 400 response:
curl --request POST \
--url https://xxx.authz.cloudentity.io/xxx/oauth2/token \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data grant_type=client_credentials \
--data client_id=xxx \
--cacert ca.pem \
--cert cert.pem \
--key key.pem
{"error":"invalid_request","error_description":"The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed","error_hint":"client must provide x509 certificate","status_code":400}
When I tried this command with the -v flag, it seems that I am going through Cloudflare. From my understanding, mTLS must happen between the server and client directly, which means this will never work when a proxy is in between.
Does anyone know how this works? Can you please give me an example?
Thank you
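The same client_credentials request as the curl command above, written as an added Python example (stdlib only, not code from the post or from Cloudentity). It presents the client certificate through an explicit SSLContext, which is the RFC 8705 tls_client_auth shape of the request: the certificate is the credential, but client_id is still sent so the server knows which registered client to match it against. It also classifies the token endpoint's JSON reply, so the "client must provide x509 certificate" hint from the post is reported as "the TLS session that reached the authorization server carried no client certificate" rather than as a generic 400. The endpoint, client_id and file names are placeholders copied from the post; whether a TLS-terminating hop in front of the IdP forwards the client certificate to it is something the page does not say, so the code only tells you that no certificate arrived, not why.

```python
import json
import ssl
import http.client
from urllib.parse import urlencode, urlsplit

# Placeholder values taken from the post; substitute your own workspace URL and client.
TOKEN_URL = "https://xxx.authz.cloudentity.io/xxx/oauth2/token"


def make_mtls_context(cert_file, key_file, ca_file=None):
    """TLS context that presents our client certificate and verifies the server.

    load_cert_chain is what makes this mutual TLS: without it the handshake still
    succeeds, but the server sees no client certificate at all.
    """
    ctx = ssl.create_default_context(cafile=ca_file)  # ca_file=None -> system trust store
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.load_cert_chain(certfile=cert_file, keyfile=key_file)
    return ctx


def build_token_request(client_id):
    """Form body for the client_credentials grant with tls_client_auth (RFC 8705).

    No client_secret: the certificate presented in the TLS handshake is the
    authenticator. client_id is still required so the server can look the client up.
    """
    return urlencode([("grant_type", "client_credentials"), ("client_id", client_id)])


def interpret_token_response(status, body):
    """Classify the token endpoint's reply so a script can act on it."""
    try:
        data = json.loads(body)
    except ValueError:
        return {"kind": "non_json", "status": status, "body": body}
    if status == 200 and "access_token" in data:
        return {"kind": "ok", "status": status, "token_type": data.get("token_type")}
    hint = data.get("error_hint", "")
    if status == 400 and "certificate" in hint.lower():
        # The authorization server saw no client certificate on the TLS session that
        # reached it: either none was sent, or a TLS-terminating hop in between did
        # not pass it on. Check which host actually terminates TLS for the endpoint.
        return {"kind": "missing_client_cert", "status": status, "hint": hint}
    return {"kind": "error", "status": status, "error": data.get("error"), "hint": hint}


def request_token(token_url, client_id, cert_file, key_file, ca_file=None):
    """Run the client_credentials grant over mTLS and return the classified result."""
    url = urlsplit(token_url)
    conn = http.client.HTTPSConnection(
        url.hostname, url.port or 443,
        context=make_mtls_context(cert_file, key_file, ca_file),
    )
    try:
        conn.request(
            "POST", url.path, body=build_token_request(client_id),
            headers={"Content-Type": "application/x-www-form-urlencoded"},
        )
        resp = conn.getresponse()
        return interpret_token_response(resp.status, resp.read().decode())
    finally:
        conn.close()


if __name__ == "__main__":
    import sys
    # Same arguments as the curl command in the post: --cert, --key, --cacert.
    result = request_token(TOKEN_URL, "xxx", "cert.pem", "key.pem", "ca.pem")
    print(json.dumps(result, indent=2))
    sys.exit(0 if result["kind"] == "ok" else 1)
```

Run it with the same cert.pem, key.pem and ca.pem as the curl command; a "missing_client_cert" result means the handshake that reached the authorization server carried no certificate, which is the condition to investigate before touching the OAuth parameters.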