# Send auth check to /authorize location.
auth_request /authorize;

auth_request_set $target_url $scheme://$http_host$request_uri;

# Set cookies we get back from the auth check
auth_request_set $saved_set_cookie $upstream_http_set_cookie;
add_header Set-Cookie $saved_set_cookie;

# If we get a 401, respond with a named location
error_page 401 =302 https://fwdauth.localhost.pomerium.io/?uri=$target_url;