After Authentication, I'm not forwarded back to the page from where I come.

[GediminasKr]

Hello,
I have a setup on Kubernetes with traefik:v2.9.4. I successfully finish the setup with one consolidated "AUTH_HOST" service for my platform. So when I'm accessing the main page, Ingress forwards me to the access page which is described in middleware:
traefik.ingress.kubernetes.io/router.middlewares: default-traefik-forward-auth@kubernetescrd. The login with Google Oauth finished successfully, but in the end, I'm stuck on the same https://auth.example.com page. For example, I came from https://apps.examle.com, but it does not forward back from https://auth.example.com.
Does anyone phase this issue?

***
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: traefik-forward-auth
spec:
forwardAuth:
address: https://auth.example.com/
#trustForwardHeader: true
authResponseHeaders:
- X-Forwarded-User

***
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: traefik-forward-auth
labels:
app.kubernetes.io/name: traefik-forward-auth
app.kubernetes.io/instance: traefik
annotations:
external-dns.alpha.kubernetes.io/hostname: auth.example.com
cert-manager.io/cluster-issuer: "lets-encrypt-issuer"
spec:
ingressClassName: traefik
tls:
- hosts:
- auth.example.com
secretName: auth-catalog-cert
rules:
- host: auth.example.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: traefik-forward-auth
port:
number: 4181

***
apiVersion: apps/v1
kind: Deployment
metadata:
name: traefik-forward-auth
labels:
app: traefik-forward-auth
spec:
replicas: 1
selector:
matchLabels:
app: traefik-forward-auth
strategy:
type: Recreate
template:
metadata:
labels:
app: traefik-forward-auth
spec:
terminationGracePeriodSeconds: 60
containers:
- image: thomseddon/traefik-forward-auth:latest
name: traefik-forward-auth
ports:
- containerPort: 4181
protocol: TCP
env:
- name: CONFIG
value: "/config"
- name: DOMAIN
value: "example.com,tas.eu"
# INSECURE_COOKIE is required if not using a https tentrypoin
- name: INSECURE_COOKIE
value: "false"
# Remove COOKIE_DOMAIN if not using auth host mode
- name: COOKIE_DOMAIN
value: "example.com"
- name: AUTH_HOST
value: "auth.example.com"
- name: LOG_LEVEL
value: "info"
- name: DEFAULT_PROVIDER
value: "google"
- name: CSRF_COOKIE_NAME
value: "_forward_auth_csrf"
- name: COOKIE_NAME
value: "_forward_auth"
- name: PROVIDERS_GOOGLE_CLIENT_ID
valueFrom:
secretKeyRef:
name: traefik-forward-auth-secrets
key: google-client-id
- name: PROVIDERS_GOOGLE_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: traefik-forward-auth-secrets
key: google-client-secret
- name: SECRET
valueFrom:
secretKeyRef:
name: traefik-forward-auth-secrets
key: secret
volumeMounts:
- name: configs
mountPath: /config
subPath: traefik-forward-auth.ini
resources:
requests:
memory: "512Mi"
cpu: "300m"
limits:
memory: "512Mi"
cpu: "300m"
volumes:
- name: configs
configMap:
name: configs
- name: traefik-forward-auth-secrets
secret:
secretName: traefik-forward-auth-secrets