auth_jwt_loginurl
The `auth_jwt_loginurl` directive specifies the URL to redirect to if JWT authentication fails.
Description
The auth_jwt_loginurl directive is part of the NGINX JWT authentication module, which provides a mechanism to secure NGINX locations using JSON Web Tokens. When enabled, this directive defines the endpoint that users will be redirected to when they attempt to access a protected resource without a valid JWT or if their JWT fails validation checks. The redirection only occurs if the auth_jwt_redirect directive is set to 'on'.
The value of the auth_jwt_loginurl directive should be a valid URL that points to your login or authentication page, allowing users to obtain a new JWT. It can be configured at the http, server, or location levels, giving flexibility in how and where authentication applies within the NGINX configuration. Setting this directive helps improve user experience by ensuring they are directed to the appropriate page to log in and receive valid credentials if their authentication fails.
To implement this functionality, the directive works in conjunction with several other JWT-related directives, such as auth_jwt_enabled to toggle JWT checking and auth_jwt_redirect to enable redirection. Without proper configuration of these directives, attempts to set the auth_jwt_loginurl would not yield the desired effect, leading to potential confusion about authentication failures during user requests.
Config Example
location /protected {
auth_jwt_enabled on;
auth_jwt_redirect on;
auth_jwt_loginurl /login;
auth_jwt_key my_secret_key;
}Ensure that auth_jwt_redirect is set to 'on' for redirection to occur; otherwise, the directive has no effect.
The URL specified must be reachable and correctly configured to handle authentication processes.
This directive can be placed at multiple contexts (http, server, location), be mindful of where it's set as it can affect its functionality.