A company is seeking to enhance the security of their web-based application hosted on AWS. The application utilizes Amazon CloudFront with two distinct custom origins. The first origin directs requests to an Amazon API Gateway HTTP API, while the second origin directs traffic to an Application Load Balancer (ALB). The application employs an OpenID Connect (OIDC) identity provider (IdP) for user authentication. A recent security audit revealed that the API is secured using a JSON Web Token (JWT) authorizer, but the ALB is currently configured to accept requests from both authenticated and unauthenticated users. To address this security gap, a solutions architect is tasked with designing a solution that ensures all backend services are accessible only by authenticated users. Which solution should the architect implement to achieve this goal?