Protecting URIs with OAuth2

Jonathan Matthews contact at
Tue Feb 11 12:32:31 UTC 2014

On 11 Feb 2014 06:33, "kate_r" <nginx-forum at> wrote:
> Hi
> Does anyone know how to protect an URI with OAuth authentication? the
> upstream sever is already capable of issuing new tokens, but I'm hoping
> nginx can check the access token for certain URIs.

In my experience, you can easily use nginx to pass the request to an
auth-only app which then tells nginx from where to serve the
success/failure response. I haven't seen a uncomplicated way of getting
nginx itself to do the auth entirely.

I suppose you could write an oauth implementation in lua/perl/etc and embed
it in nginx,  but I'd personally argue that would be a mistake in most

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the nginx mailing list