Multiples JWT in the same request

Geovana Possenti geovana.possenti at gmail.com
Fri Jan 1 20:51:52 UTC 2021


Hello,

I have a request that sends two different tokens (JWT) generated with the
same key (JWK).

Could nginx validate both tokens? Each of them is passed in a different
Header. I tried to duplicate the auth_jwt configuration but it is not
possible to duplicate this parameterization in the same location.

It works:
location /myapp {
proxy_pass http://xxxx;
auth_jwt "Client Token" token=$http_authclient;
auth_jwt_key_file conf.d/key.jwt;
}

It doesn't work:
location /myapp {
proxy_pass http://xxxx;
auth_jwt "Client Token" token=$http_authclient;
auth_jwt "User Token" token=$http_authuser;
auth_jwt_key_file conf.d/key.jwt;
}

Request Example passing two Tokens:
curl -H "Authclient: XXXXXXX" -H "Authuser: YYYYYYYY"
http://localhost:8080/myapp

Regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20210101/af564f61/attachment.htm>


More information about the nginx mailing list