I first try to test flask-jwt on my local machine, by using flask's built-in server. I request http:/localhost/auth with my username and password as payload it works fine, and I got a token. Then I request a protected API with this token, say with "JWT access_token" as the Authorization header. This works pretty well on local machine.
Then when I deployed it on my server. I can still get a token by request server/auth, while after that when I request a protected api, I always got a 401 UNAUTHORIZED even the token was just issued and I did it the same way as on my local machine.
Is it because some cookies-related issue on my server side?
Are you on Apache? If so you need to have the following line in your Apache2 VirtualHost .conf file in the sites-available directory:
WSGIPassAuthorization On