OAuth Authorization Header

[spectravp]

Might want to update the docs for this, but it seems that Apache 2.4+ strips out the Authorization header by default. I had to add the following to get OAuth working again:
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

This was on an existing project that was working fine and reprovisioned vagrant to use Apache 2.4. Afterwards, all my API requests were returning 403. Adding the above to my site config solved the issue.

[delboy1978uk]

I had this same issue and it took a while before I figured out what was going on! :-|
If you are using a puPHPet vagrant box, you add a setenvif: setting in the vhost just under setenv.

        setenvif:
            - 'Authorization "(.*)" HTTP_AUTHORIZATION=$1'

[spectravp]

Had this on a live Ubuntu box with clean Apache 2.4 install.

[weierophinney]

This repository has been closed and moved to laminas-api-tools/documentation; a new issue has been opened at laminas-api-tools/documentation#9.