We've been using OIDC tokens with our application behind AWS ALB, and it's been working fine until last week. Looks like the UserInfo endpoint is not returning everything AWS ALB is expecting as per the OIDC protocol specs? MSFT has been advising to use the /me endpoint, but it doesn't return sub.
We've tried putting the right scope (openid, email, profile) and manifest in the Azure AD application, but no luck. Any idea if anything has changed when it comes to the UserInfo endpoint?