I regularly use nginx to reverse proxy third-party API calls. I use it to protect API keys.
In my case, I strip all cookies and sensitive headers. One must keep in mind that the browser will treat it as a first-party request and the security implications that has. You may have to filter or modify cookies/headers.
In my case, I strip all cookies and sensitive headers. One must keep in mind that the browser will treat it as a first-party request and the security implications that has. You may have to filter or modify cookies/headers.
https://jeremypoole.ca/posts/protecting_api_keys_on_the_fron...