ngx-http-auth-jwt-module
ngx-http-auth-jwt-module copied to clipboard
Secure your NGINX locations with JWT
Hello, I am currently looking to only allow a particular user (JWT subject) to access a specific endpoint on my web server. So I am using the following configuration to...
As indicated in the README: >Please note that number, boolean, array, and object claims are not supported at this time -- only string claims are supported. An error will be...
I'll have to check the Docker Engine and Docker Compose version, but I tried to build the module on a server using the syntax in your sample Docker file. On...
Hi, since this module is solving an crucial gap specifically for the nginx community I was thinking it might make sense to add a simplistic example configuration somewhere how to...
``` /root/nginx//modules/ngx-http-auth-jwt-module/src/ngx_http_auth_jwt_module.c:657:9: error: too few arguments to function ‘ngx_http_parse_multi_header_lines’ 657 | if (ngx_http_parse_multi_header_lines(&r->headers_in.cookies, &jwt_location, &jwtCookieVal) != NGX_DECLINED) | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ src/http/ngx_http.h:111:18: note: declared here 111 | ngx_table_elt_t *ngx_http_parse_multi_header_lines(ngx_http_request_t *r, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~...
To handle key rotation, from what I understand it's common to have a [JSON Web Key Set](https://auth0.com/docs/secure/tokens/json-web-tokens/json-web-key-set-properties) (JWKS) file ([related standard](https://datatracker.ietf.org/doc/html/rfc7517#section-5)) that contains a collection of JSON Web Keys (represented...
The container is build with a tag equal to the `$NGINX_VERSION` but started without a tag (which means `latest`), which is never built/tagged. So just use `$NGINX_VERSION` when starting it...
I have an old Docker Build that was working 1 year ago, and I don't think I've changed anything in the configuration since then. I recently tried to rebuild my...
The ngx_http_auth_jwt_module module from NGINX Plus contains a variable to retrieve the entire body of the token. "$jwt_payload returns the decrypted top-level payload of nested or encrypted tokens (1.21.2). For...
Hello all, Is it possible to use more than one cookie for the ```auth_jwt_location``` directive? I have a case where I have to use two different cookies (signed by the...