```
location / {
proxy_pass $forward_auth_target;
allow x/24;
deny all;
satisfy any; # This gets satisfied by the IP check, and auth is
completely bypassed
auth_basic "";
auth_basic_user_file "/etc/nginx/basic_auth/$forward_auth_bypass";
Hello,
[...]
> ```
> The goal is to bypass SSO if a correct HTTP Basic Auth header is present
> while making sure connections are only from said IPs.
>
> When I disable the IP check it works flawlessly. How could I separate these
> requirements?
>
> So (SSO or Basic Auth) and Correct IP
Just
