JWT auth working locally, not on server

I have a website on digital ocean droplet. If i simpoly visit the WP base url for the api (i.e. site/wp-json) i get this message:

SetEnvIf Authorization “(.*)” HTTP_AUTHORIZATION=$1

{
"code": "jwt_auth_bad_auth_header",
"message": "Authorization header malformed.",
"data": {
"status": 403
}
}

I am curious? Why would this message even show up at /wp-json? shouldn’t it only show up at the jwt specific endpoints?

Alternatively, I followed the plugin setup to a T. I added everhting to my htaccess and wp-config. Here’s what my htaccess looks like:

RewriteEngine on
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]
# BEGIN WordPress
# The directives (lines) between "BEGIN WordPress" and "END WordPress" are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

It seems to be working on my local setup which uses MAMP, but no luck on the staging server. any suggestions?