auth_http
The `auth_http` directive in NGINX Mail Core sets up an external server for authenticating mail users via an HTTP request.
Description
The auth_http directive is utilized in the NGINX Mail Core module to enable authentication of mail users through an external HTTP service. When configured, NGINX will communicate with the specified HTTP server to verify user credentials during the authentication process. This allows for leveraging existing HTTP-based authentication mechanisms, providing flexibility for integrating NGINX with external identity providers.
This directive takes a single argument, which is a URL to the HTTP server that will handle the authentication requests. The parameters are set within a specific mail server context, which allows the configuration to be tailored for different mail server instances supported by NGINX. For instance, it can be used to integrate with a REST API that manages user authentication, further extending the capabilities of NGINX in managing mail services.
The auth_http directive is particularly useful in environments where centralized authentication is desired, and it supports various authentication schemes. Depending on the response from the HTTP server, NGINX can either grant access or deny it based on the credentials provided by users attempting to connect to the mail service.
Config Example
mail {
server {
listen 25;
auth_http http://auth-server/auth;
}
}Ensure the URL is correctly formatted and reachable from the NGINX server.
HTTP authentication may require secure handling to avoid exposing sensitive credentials.
Validate that the external HTTP server responds quickly to avoid delay in mail service authentication.