Hi,
I’ve been using PHPMaker 2025 (version 2025.12), and I ran into a common issue when using the built-in API features with JWT authentication. Even when I send a valid JWT token via the Authorization header, all API calls (lookup, upload, etc.) return a 401 Unauthorized response.
After some debugging, I found that Apache does not pass the Authorization header to PHP by default. This causes $request->getHeaderLine("Authorization") to return an empty string, resulting in failed authentication.
The fix is simple: adding the following line to .htaccess solves the issue completely:
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
However, since PHPMaker regenerates .htaccess on every project generation, this line gets removed each time, and I have to manually add it back.
Suggestion:
Please consider including this line in the default .htaccess file generated by PHPMaker, or at least provide a setting to enable it for users who use Apache and JWT.
It would make working with the API system much smoother and save users from unnecessary debugging.
Thanks for your great work!