I am using nginx as webserver which forwards auth request with credentials or authorization header to another webserver over loopback 127.0.0.1. The recieving webserver is lighttpd which handles authorization requests as OPTIONS method. Hence my nginx auth location looks like below, where lighttpd listens to authorization request on port 8082 in the same machine.