OH3 now supports basic authentication, you’ll need to add the following to make it work:
add_header Set-Cookie X-OPENHAB-AUTH-HEADER=1;
proxy_set_header Authorization "";
If you don’t add the second line, you need to change the api security settings to allow basic authentication.