How to enable HTTP Authorization Header on the Nginx server?

[Demoxing]

I am trying to configure JWT Authentication for WordPress REST API. But the problem is there is no direct config available for enabling the HTTP Authorization Header. Nginx doesn't have a .htaccess file, so I can't add the rewrite rules.

Here are the rules for apache based server:

RewriteEngine on
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]

I believe it's not going to work with Nginx. What is the solution available for the Nginx side?

[pesseba]

I don't know Ngix too, but my host applied this configuration for me:

if ($http_authorization ~ "^(.*)"){
	set $rule_0 1;
}
if ($rule_0 = "1"){
	set $http_authorization %1;
}

[Demoxing]

if ($http_authorization ~ "^(.*)"){
set $rule_0 1;
}
if ($rule_0 = "1"){
set $http_authorization %1;
}

Where do I have to add this code? In which file?

[shayr1]

For future reference, this goes in nginx's server block inside

server {
  server_name yourdomain.com;
  ...rest of server block

  if ($http_authorization ~ "^(.*)"){
    set $rule_0 1;
  }
  if ($rule_0 = "1"){
    set $http_authorization %1;
  }

}

On Ubuntu default installations configuration files can be found under /etc/nginx/sites-available/. On hosting companies if there's a panel there should be a place that let the user edit "Server Blocks"

[dominic-ks]

Hey @shayr1 @Demoxing is this now working on nginx for you with this config? If so we could add it to the readme.