auth_request off; ignored when combined with auth_basic;

Francis Daly francis at
Fri Oct 13 22:12:32 UTC 2017

On Fri, Oct 13, 2017 at 11:39:50AM -0500, Stian Øvrevåge wrote:

Hi there,

> Quick follow-up. I tried negating the 401 redirect at the /api/
> endpoint but got an error:
>       named location "@error401" can be on the server level only
> Any suggestion on how I can enforce a side-wide redirect to /security/
> except the 2-3 endpoints that have basic auth?

It will probably be easier if you show the config that does not do what
you want; but my guess is that using "error_page" in the location{}s
with basic auth to override the (presumed) server-level "error_page"
setting might work.

That is: add something like "error_page 444 =444;" where you don't want
the 401 redirect to happen.

Francis Daly        francis at

More information about the nginx mailing list