Posted: April 2, 2019 at 1:52 pm
I did a lot of research on the topic. I did a support post last year on the topic: https://eventespresso.com/topic/app-login-error-after-changing-url-for-a-ssl/
My host is asking my this:
Can you help on this ?
Is there a other way for the app to get access to the site ?
It sounds like you’ll need to move the site to a server that does allow the Basic Auth headers. When a server deletes the headers then the apps cannot authenticate the request.
In the future, if JSON Web Tokens becomes a viable option for authorization with the apps, then other types of servers may be used with the apps. For the time being the apps do require the Basic Auth headers get passed (not deleted).