Configuration of nginx as a reverse proxy for verify a Json web token of my own website and logging in grafana as a SSO

Hi i’m tying to configurate a nginx reverse-proxy funcionality to get an JWT created in my website during the log in. the JWT is send as a Bearer in the autorization header, but it doesn’t work, my response all the time is 502 bas Gateway. I 'll show you my nginx.conf and my grafana.ini. I’m using the jwt module of the following github repository: Jason web token nginx module - github repository
Grafana and nginx are in docker containers and connected to the same network. I need your help please


user  nginx;
worker_processes  auto;
error_log  /var/log/nginx/error.log notice;
pid        /var/run/;
load_module /usr/lib64/nginx/modules/;
events {
    worker_connections  1024;
http {
   upstream grafana {
    listen 8083;
    location / {
          auth_jwt_use_keyfile on;
          auth_jwt_keyfile_path "/etc/nginx/public.pem";
          auth_jwt_enabled on;
          auth_jwt_algorithm RS256;
          auth_jwt_location HEADER=Authorization;
          auth_jwt_extract_request_claims username;
          proxy_pass / http://grafana;
          proxy_http_version 1.1;
          proxy_hide_header Upgrade;
          proxy_set_header Connection "Keep-Alive";
          proxy_set_header Host $host;
          proxy_set_header Proxy-Connection "Keep-Alive";

          add_header 'Access-Control-Allow-Origin' '*' always;
          add_header 'Access-Control-Allow-Credentials' 'true' always;
          add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
          add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With' always;
          # required to be able to read Authorization header in frontend
          add_header 'Access-Control-Expose-Headers' 'Authorization' always;

          if ($request_method = 'OPTIONS') {
            # Tell client that this pre-flight info is valid for 20 days
            add_header 'Access-Control-Max-Age' 1728000;
            add_header 'Content-Type' 'text/plain charset=UTF-8';
            add_header 'Content-Length' 0;
            return 204;


    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;
    sendfile        on;
    #tcp_nopush     on;
    keepalive_timeout  65;
    #gzip  on;




provisioning = /etc/grafana/provisioning


enable_gzip = true

# To add HTTPS support:

protocol = http

http_port = 8083

domain = localhost

root_url = %(protocol)s://%(domain)s:%(http_port)s/


#router_logging = false

static_root_path = public

#cert_file = /etc/certs/cert.pem

#cert_key = /etc/certs/cert-key.pem


# If you want to embed grafana into an iframe for example

allow_embedding = true


allow_sign_up = false

disable_login_form = true


enabled = true

header_name = X-JWT-Assertion

signing_key = password

key_file = /etc/certs/public.pem


whitelist= localhost:8083 localhost:8080

auto_sign_up = true

username_claim = sub


auto_login = true

url_login = true

Docker ports where the containers are:

Nginx log:

Response error google chrome:


~ the grafana team

Stuck with same issue myself