Plain text token in config!

bouvierh nginx-forum at
Thu Apr 8 18:58:01 UTC 2021


I currently use Nginx as a reverse proxy for my backend services. 

Nginx authenticates itself to the backend services using a Token that is
generated by a process every 10 minutes and that process is writing the
token in the config file and reloading nginx regularly:

location / {
    proxy_set_header    Authorization "PLAIN TEXT TOKEN WRITTEN BY PROCESS";
    proxy_pass https://backend;

I would like to avoid having a token in plain text. Is there a way to avoid
I though of the following options:
- Use env var: But that is impossible nginx doesn't support it
- Query the token by having the process establish a local server. Could work
but how can the process return the result as a variable to nginx?
- Pass the config in memory instead of writing it to a file. Could be a
simple option but I didn't find a way to do that.

Do you have any idea how I can achieve that?

Thank you!

Posted at Nginx Forum:,291202,291202#msg-291202

More information about the nginx mailing list