Hi Jan thanks for your perspective and prompt response-
1- one thing- I was thinking if API page is accessible through external world then sidecar can access since sidecar config which resides in /etc/graylog/sidecar/sidecar.yml
is like below:
# The URL to the Graylog server API.
server_url: "https://subdomain.domain/api/"
where I concluded that API shall be accessible from outside- am I wrong?
because this URL utilizes API to authenticate to Graylog server.
2- working config doesn’t expose API somehow to outside- if you don’t have “/api/” location enabled separately- which I did because of my point in the 1 st answer.
Other directives is for cookie caching and resolving problems related with SSL sessions together with DNS issues of Nginx.
For the URL you sent- it is mostly the same- maybe very small variation but I will try again with standard guidanceand let you know about it too.
I believe problem is exposing API thorugh SSL but not being able to authenticate due to somehow authentication token is not passed properly with NGINX config.
But still cannot figure out whats the solution.