I'm having the same problem. Unable to solve it so far.
@johnmiller @maburns @zradick did you manage to get past this problem, and if so, how?
Thanks for any advice! 
M
Best posts made by mark
-
RE: Error 403 with Nginx in frontposted in Q&A
-
RE: Error 403 with Nginx in frontposted in Q&A
OK so I was finally able to track it down fix it. Some short notes below, maybe it helps anyone else running into the same problem.
Thanks to @mark-robustelli and @dan for their inputs.- I accessed FusionAuth directly on port 9011, completely bypassing the reverse proxy
- In the CORS filter config, I activated "Debug enabled" which in the system logs showed me
java.lang.IllegalArgumentException: Illegal character in authority at index 7andjava.lang.NullPointerException: Cannot read field "actionURI" because "actionInvocation" is null - Going from there, I completely disabled the CORS filter
- This immediately got rid of the 403 and everything worked again, accessing FA using the reverse proxy
- The FA UI told me that I'm missing two headers in my reverse proxy config:
X-Forwarded-ProtoandX-Forwarded-Port, which I then configured (https/443 in my case) - After that I enabled the CORS filter again (all default values) and since, everything is working correctly, like before