I thought you were supposed to set Authorization to the token obtained from openhab?
In nginx I’ve tried
proxy_set_header Set-Cookie "X-OPENHAB-AUTH-HEADER=true;path=/;Secure";
and either set the Authorization header to the token I got from openhab, or delete the Authorization header entirely but I still can’t get it to work. The token generated from the UI includes a label field. I’ve tried with and without that label.
What I don’t understand is why I can get the Android app to work locally direct to openab, but not through from the internet through my proxy when I completely remove the Authorization field. In both cases when I look at the network traffic to openhab it looks something like
GET /rest/ HTTP/1.0 Host: x.net/openhab X-Real-IP: x.x.x.x X-Forwarded-For: x.x.xx X-Forwarded-Proto: https Connection: Upgrade user-agent: openHAB client for Android cache-control: no-cache accept-encoding: gzip
Yet it only works on my local network. When I come in from the internet and remove the Authorization header to make the request look the same as a local request it shows empty for the main /rest endpoint, but other endpoints do return data, such as /rest/items. Is openhab doing some filtering on IP? I don’t want to use the same username/password that I made for openhab to log into my main proxy, which is why I’m not just using the REST authentication option.