Azure Web App (App Service) loses Authorization header when acting as a reverse proxy

mugi112 0 Reputation points
2025-02-14T10:37:54.32+00:00

When using nginx as a reverse proxy, I get errors from the Web App endpoint using GET that the target address does not receive the Authorization header. The Authorization header is present in the request.
When running the same exact image locally, the Authorization header is correctly transmitted, and authentication to the source works correctly when performing a GET request.

Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.

1 answer

  1. Siva Nair 2,420 Reputation points Microsoft External Staff Moderator
    2025-02-14T14:32:41.1266667+00:00

    Hi mugi112,

    Welcome to the Microsoft Q&A.

    I understand that you're experiencing difficulties with the Authorization header when acting as a reverse proxy.

    To fix the issue, let's follow these steps:

    1. Use an Azure Web App setting to preserve the Authorization header:

           az webapp config appsettings set --resource-group <your-resource-group> --name <your-app-name> --settings "WEBSITES_DISABLE_APP_SERVICE_AUTHENTICATION=True"

       OR manually add an App Setting in the Azure Portal: go to Azure Portal → Your App Service → Configuration → Application Settings and add:

           WEBSITES_DISABLE_APP_SERVICE_AUTHENTICATION = True

    2. Modify NGINX to pass the Authorization header: ensure that NGINX is explicitly passing the Authorization header:

           proxy_set_header Authorization $http_authorization;

       Also, check if proxy_pass_request_headers is enabled.

    3. Ensure Web App doesn’t require authentication: if you are using Azure App Service Authentication (Easy Auth), it might interfere. Disable authentication in Azure Portal under App Service → Authentication / Authorization, then set "App Service Authentication" to Off (or adjust settings as needed).

    4. Debug with Kudu Console: you can check incoming headers using Kudu Console. Navigate to Kudu Console and use curl to inspect headers. Check if the Authorization header is being received:

           curl -I -H "Authorization: Bearer test-token" https://<your-app-name>.azurewebsites.net/

    For reference - https://learn.microsoft.com/en-us/azure/app-service/configure-common?tabs=portal#preserve-the-authorization-header

    If you need any further assistance, do let me know.
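An added example, not part of the answer above: a small echo upstream that can stand in for the target behind nginx to show whether the Authorization header survives each hop, both locally and on App Service. It reports only the scheme and a short SHA-256 prefix of the credential so tokens never land in logs; the names `describe_auth`, `EchoAuthHandler`, `probe` and `self_check` are illustrative.

```python
import hashlib
import json
import threading
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer


def describe_auth(header_value):
    """Summarise an Authorization header without exposing the credential."""
    if not header_value:
        return {"present": False, "scheme": None, "sha256_prefix": None}
    scheme, _, credential = header_value.strip().partition(" ")
    digest = hashlib.sha256(credential.strip().encode()).hexdigest()
    return {"present": True, "scheme": scheme, "sha256_prefix": digest[:12]}


class EchoAuthHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        body = json.dumps(describe_auth(self.headers.get("Authorization"))).encode()
        self.send_response(200)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, fmt, *args):  # keep request lines out of stderr
        pass


def probe(url, token=None):
    """GET url, optionally with a bearer token, and return the upstream's summary."""
    req = urllib.request.Request(url)
    if token is not None:
        req.add_header("Authorization", "Bearer " + token)
    # Ignore proxy environment variables so the probe hits the URL directly.
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))
    with opener.open(req, timeout=5) as resp:
        return json.loads(resp.read())


def self_check():
    """Run the echo upstream on a loopback port and probe it directly."""
    server = HTTPServer(("127.0.0.1", 0), EchoAuthHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        url = "http://127.0.0.1:%d/" % server.server_port
        return probe(url, "test-token"), probe(url)
    finally:
        server.shutdown()
        server.server_close()
```

Point nginx's `proxy_pass` at this handler and call `probe()` against the public URL: a `present: False` response with a matching direct-to-upstream `present: True` shows the header is being dropped before or at the proxy hop.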

