The ngx_http_auth_jwt_module is one of the powerful tools in Nginx that allows us to implement authentication based on JWT (JSON Web Tokens). This module can easily be used in various requests to ensure the security of APIs and websites. In this article, we will explore how to configure the auth_jwt_type setting of this module.
The auth_jwt_type configuration allows us to specify the type of JWT token. Several types can be used for authentication, including none, bearer, and cookie, each of which follows a different method for performing token validation. In general, this lets us customize the way tokens are sent to match the type of request.
Typically in an API, we use bearer tokens, which are sent in the HTTP request like this: Authorization: Bearer [TOKEN]. However, if we want to use HTTP cookies as a means to send the token, we can set auth_jwt_type to cookie.
Next, we will examine a simple example of configuring the module for authentication using JWT. These settings can be placed in your Nginx configuration file and make it easy to review and switch between different types of authentication.
Example Code
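    location /api {
        auth_jwt "Protected Area";
        # Placeholder value: replace with your own secret key
        auth_jwt_key "your_jwt_secret_key_here";
        # Token is sent as "Authorization: Bearer [TOKEN]"
        auth_jwt_type bearer;
        # Placeholder upstream: replace with your backend
        proxy_pass http://your_backend;
    }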
Code Explanation
- location /api: This section specifies that these configurations apply to URLs that begin with /api.
- auth_jwt "Protected Area": A message displayed to the user if access is denied; here it is named "Protected Area".
- auth_jwt_key "your_jwt_secret_key_here": The secret key that the JWT tokens are signed with.
- auth_jwt_type bearer: The type of JWT token chosen here is bearer.
- proxy_pass http://your_backend: If authentication succeeds, the request is proxied to the backend server.
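The following Python sketch is an added example, not part of the original article and not the module's own code. It shows the two token locations discussed above (the Authorization: Bearer header and a cookie) and the shared-secret check a signed token must pass; HS256 signing, the cookie name jwt and all function names are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time
from http.cookies import SimpleCookie

def b64url_decode(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def extract_token(headers, token_type, cookie_name="jwt"):
    """Return the raw token for the given type, or None if it is absent."""
    if token_type == "bearer":
        scheme, _, value = headers.get("Authorization", "").partition(" ")
        value = value.strip()
        return value if scheme.lower() == "bearer" and value else None
    if token_type == "cookie":  # cookie_name is an assumed, hypothetical name
        morsel = SimpleCookie(headers.get("Cookie", "")).get(cookie_name)
        return morsel.value if morsel is not None else None
    raise ValueError("unsupported token type: " + token_type)

def sign_hs256(claims, secret):
    """Build a constructed token for testing (HS256 over header.payload)."""
    head = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64url_encode(json.dumps(claims).encode())
    sig = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64url_encode(sig)}"

def verify_hs256(token, secret, now=None):
    """Return the claims if signature and expiry are valid, else raise ValueError."""
    try:
        head, body, sig_b64 = token.split(".")
        header, claims = json.loads(b64url_decode(head)), json.loads(b64url_decode(body))
        sig = b64url_decode(sig_b64)
        if not (isinstance(header, dict) and isinstance(claims, dict)):
            raise ValueError("header and payload must be JSON objects")
    except Exception as exc:
        raise ValueError("malformed token") from exc
    if header.get("alg") != "HS256":  # pin the algorithm; reject "none" and others
        raise ValueError("unexpected alg")
    expected = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):  # constant-time comparison
        raise ValueError("bad signature")
    exp = claims.get("exp")
    now = time.time() if now is None else now
    if exp is not None and (not isinstance(exp, (int, float)) or exp <= now):
        raise ValueError("token expired or invalid exp")
    return claims
```

A token sent in the wrong place for the configured type is treated as absent, so a request that carries only a cookie yields no token when the type is bearer.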
In summary, the ngx_http_auth_jwt_module enables you to easily implement authentication based on JWT tokens in Nginx and provides you with various options and configurations to customize your authentication method.