I'm currently implementing some logic in my nginx configuration so I can handle authentication and token verification. My logic here is:
First case scenario:
Second case scenario:
First of all, does this logic seem alright to you? Should I be considering other authentication options? And most importantly, how do I implement this logic using nginx?
My nginx configuration looks like this:
http {
    upstream gateway {
        server ...;
    }
    upstream auth {
        server ...;
    }
    upstream someservice {
        server ...;
    }
    server {
        location ^~ /api {
            proxy_pass http://gateway;
            # redirect ???
        }
        location /auth {
            proxy_pass http://auth;
        }
        location /someservice {
            proxy_pass http://someservice;
        }
    }
}
So finally I kept my original configuration with some small tweaks, like the great auth_request nginx directive, and I group functionality by level of protection: if the user tries to access a secured resource, then nginx will first validate the request via another service.
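A sketch of the auth_request setup described above, as an added example that is not part of the original post. The upstream addresses, the /_verify and /verify paths, and the X-User-Id header are assumptions; nginx must be built with ngx_http_auth_request_module.

```nginx
# Added example. Addresses, /_verify, /verify and X-User-Id are assumed names.
events {}

http {
    upstream gateway     { server 127.0.0.1:8001; }  # placeholder address
    upstream auth        { server 127.0.0.1:8002; }  # placeholder address
    upstream someservice { server 127.0.0.1:8003; }  # placeholder address

    server {
        listen 80;

        # Public level: login and token issuance, no verification.
        location /auth {
            proxy_pass http://auth;
        }

        # Protected level: every request triggers a subrequest to /_verify.
        # A 2xx reply lets the request through; 401 or 403 is returned to
        # the client; any other status is treated as an error.
        location ^~ /api {
            auth_request /_verify;
            # Copy the identity the auth service returned (assumed header).
            auth_request_set $auth_user $upstream_http_x_user_id;
            # Overwrite any client-supplied X-User-Id so it cannot be spoofed.
            proxy_set_header X-User-Id $auth_user;
            proxy_pass http://gateway;
        }

        location /someservice {
            auth_request /_verify;
            auth_request_set $auth_user $upstream_http_x_user_id;
            proxy_set_header X-User-Id $auth_user;
            proxy_pass http://someservice;
        }

        # Verification endpoint: reachable only through subrequests.
        location = /_verify {
            internal;
            proxy_pass http://auth/verify;
            # The auth service needs the headers (token), not the body.
            proxy_pass_request_body off;
            proxy_set_header Content-Length "";
            proxy_set_header X-Original-URI $request_uri;
        }
    }
}
```

The `internal` directive keeps clients from calling /_verify directly, and `nginx -t` checks the file before a reload.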