Azure Frontdoor WAF Managed Policy conflict with github OIDC

Hi Antoine,

Thanks for your help.
After all I got it working by disabling following general managed rules on the waf policies in Azure:

  • 920420 - Request content type is not allowed by policy
  • 931130 - Possible Remote File Inclusion (RFI) Attack: Off-Domain Reference/Link
  • 942340 - Detects basic SQL authentication bypass attempts 3/3
  • 200003 - Multipart request body failed strict validation

So far it seems to work and not block any connections between github and sonarqube anymore.

Best regards, Flavio