I\'ve seen similar questions but still can\'t get this to work.
I\'m new with Symfony and I\'m using Lexik JWT bundle with symfony3 for API authentication, and a log
The authorization header should be
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXUyJ9....9YR_D7N9E
If someone still having this problem especially after doing everything above, you can try something like this. Instead of using HTTP_AUTHORIZATION
you can use a custom http header such as Php-Auth-Digest
. Using HTTP_AUTHORIZATION
can be tricky and could be removed from the request due to various different server settings (especially using shared server environments, cPanel and so on)
The config to accept custom http header in LexikJWT Bundle is this,
lexik_jwt_authentication:
# token extraction settings
token_extractors:
# look for a token as Authorization Header
authorization_header:
enabled: true
prefix: Bearer
name: Php-Auth-Digest
To find more about this visit this link - https://github.com/lexik/LexikJWTAuthenticationBundle/blob/master/Resources/doc/1-configuration-reference.md
Sending the header from your api app would look like this (this is an example from Angular 6)
request = request.clone({
setHeaders: {
"Php-Auth-Digest": `Bearer ${currentUser.token}`,
}
});
I hope this helps someone. Cheers.
The first solution works to solve "401 - Bad authentication" error.
But for Apache users that have the error "401 - JWT Token not found", the solution is to rewrite HTTP Authorization header of request, by placing following instructions on your virtualhost :
RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
You could find further readings about this issue on documentation, on this post and this one.