Everything is working as expected with the exception of the Authorization header which contains a Bearer token.

Application is a npm package that is wrapped in a React app. We are then using NGINX to run the React app within a Docker container. The redirect URL and token come from a service running separately. Typically in another pod in a Kubernetes cluster but for development it is running locally.

I have tried testing for the header within my default.conf file by using:

    if ($http_authorization = "") {
      return 490;
    }

This always returns 490 and using breakpoints in the browser’s dev tools seems to also confirm that the header is not there. I do have underscores_in_headers on; in my default.conf, and I have even tried hardcoding the headers within NGINX and still do not see them in the browser’s dev tools.

Everything I have read says the headers shouldn’t be effected. At this point I am at a lose at what to try next. Any suggestions are greatly appreciated.

NGINX conf file:

underscores_in_headers on;
    
server {
  listen 80;
  root /usr/share/nginx/html;
  index /index.html index.htm;
    
  location /path/app/ {
    try_files $uri $uri/ /path/app/index.html;
  }
}