Thanks so much Francis, yes that seems to be have worked. When the application is accessed outside our domain, it doesn't try to negotiate which would pop up the Windows authentication prompt and would never work anyways, but if the user is inside our domain either by being physically inside the building or through a VPN, the negotiate header is there to allow for automatic sign-in using their Wiby eckern - Nginx Mailing List - English
I'm trying to conditionally remove a proxy header but this doesn't appear to be allowed using an "if". Ideally it would look something like this where $external_traffic is either 0 or 1: if ($external_traffic) { ... proxy_hide_header WWW-Authenticate; # Remove negotiate header ... } My workaround is to set up another site with proxy_hide_header set and do a redirect to it inby eckern - Nginx Mailing List - English