Stuck pendingToken with IIS reverse proxy on login

Need help from people who understand the internal of OpenHAB.

I set up a proxy on IIS for OpenHAB, everything works except for one thing: after entering the login and password in the built-in interface, OpenHAB redirects me to the main page where I am not authorized.

If you look in the file then

If you look at the file d:\openhab\userdata\jsondb\users.json, then an pendingToken token appears, which should not be after a successful login

"oh3": {
    "class": "org.openhab.core.auth.ManagedUser",
    "value": {
      "name": "oh3",
      "passwordHash": "E7YlKVgskmHMNscXDkx/0I/GjPhnoRBfbYuTOEMjLO16u7mHFq08TeUnhK3HMY4w0xAf8z0o7BULwAq07mEuKQ\u003d\u003d",
      "passwordSalt": "/Gpj8AGGYa1O7JKzBb3pt1ougzAk/jnCmxooCSBIumUTRtgkROzmKaal69ufqc74o/gj6YK0zaNVKiuNO/HYbw\u003d\u003d",
      "roles": [
      "pendingToken": {
        "authorizationCode": "f0be987e934f4d8d969df08163607147",
        "clientId": "http://oh3.home.local",
        "redirectUri": "http://oh3.home.local",
        "scope": "admin",
        "codeChallenge": "Dufe_JPgh0Fu_ARfe4kT18NMUdOXPVmuyoE6hBobPkQ",
        "codeChallengeMethod": "S256"
      "sessions": [
          "sessionId": "493ecbb9-08e4-445e-b008-5b82204fb588",
          "refreshToken": "6e932510e7df4f6096961982f5adbf69",
          "createdTime": "Jun 24, 2022, 3:14:32 PM",
          "lastRefreshTime": "Jun 24, 2022, 3:14:32 PM",
          "clientId": "http://oh3.home.local:8080",
          "redirectUri": "http://oh3.home.local:8080",
          "scope": "admin",
          "sessionCookie": true
      "apiTokens": []

http://oh3.home.local - IIS Reverse Proxy, pendingToken appears
http://oh3.home.local:8080 - Direct Web UI, all good

I’ve already broken my brain and I don’t understand what I have to do to make authorization through a proxy work fine.