I just wanted to report back on this thread that after looking more closely at @SDKAAA 's configuration we found the cause of this issue. It is actually visible in the nginx config posted above; the problem is the line setting the protocol to http:
proxy_set_header X-Forwarded-Proto http;
This needs to be https, or the line omitted altogether.
regards,
Phil