Learn how to use Nginx auth_request to Set a Cookie. Our Nginx Support team is here to help you with your questions and concerns.

How to use Nginx auth_request to Set a Cookie

We can easily use Nginx’s auth_request module to set a cookie after successful authentication by adding a few additional configurations.

Let’s take a quick look at how to proceed:

1. To begin with, we have to configure Nginx to use the auth_request module. Then, we will have a configuration block similar to this:

   
2. Then, we need to use the add_header directive in the location block that handles successful authentication (usually /protected).
3. We also have to edit the /protected location block to add the add_header directive:

   

   Here, we set a cookie named “auth” with the value “true” and different attributes as seen here:

   • Max-Age=3600:
     The cookie will expire after 3600 seconds (1 hour). Also, we can change it to our needs.
   • Path=/:
     The cookie is valid for all paths on the domain.
   • Secure:
     The cookie is only sent over HTTPS connections.
   • HttpOnly:
     The cookie can’t be accessed by JavaScript, enhancing security.
4. In case the authentication fails, Nginx will handle it as per the /auth_error location block.
5. Finally, we have to test the configuration to make sure that Nginx sets the “auth” cookie during successful authentication when accessing the /protected resource.

[Need assistance with a different issue? Our team is available 24/7.]

Conclusion

In brief, our Support Experts demonstrated how to use Nginx auth_request to Set a Cookie.