Bauyrzhan Yessetov

I think it should be enforced only for users with `disableSettings: true`, to avoid unexpected behavior for users with `disableSettings: false`.

It would be great to have a separate JWT authentication feature with a configurable secret key parameter, and using the expiration time from the native payload (/exp/).

or it would be nice if we could set user configurations for any users directly via the UI > User Management and global setting for all users UI and .yml...

Thank you! Yes, Grafana supports similar feature: 🔗 [Grafana JWT authentication](https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/jwt/) It works similarly to proxy authentication, but in a more secure way.

Grafana ```ini [auth.jwt] enabled = true header_name = X-JWT-Assertion username_claim = sub auto_sign_up = true url_login = true key_file = 'jwt-public-key.pem' ``` Proxy ```js const express = require('express'); const {...

I tried combining OIDC with Windows NTLM, but it didn’t work out, so I decided to handle it via proxy instead.

I’ve seen several attempts to implement this feature: [2474](https://github.com/filebrowser/filebrowser/pull/2474) [2961](https://github.com/filebrowser/filebrowser/pull/2961) [2957](https://github.com/filebrowser/filebrowser/pull/2957)

The token can be passed either via query or header — that’s not very important. But passing it via query is more practical because it allows authentication without a proxy...

Yes, exactly. I’d prefer using the query parameter for external tokens, because I’m currently facing an issue when proxying requests to HTTPS targets.

It's not related with share FileBrowser Logs: ``` 2025/10/24 08:23:22 GET | 200 | PROXY_IP:57765 | USER | 0ms | "/filebrowser/api/resources?path=%252F&source=%25D0%25A4%25D0%25B0%25D0%25B9%25D0%25BB%25D1%258B" 2025/10/24 08:23:22 GET | 200 | PROXY_IP:57766 | USER...