Authentication fails depending on FQDN entered by end user

See attached picture for topology with nginx reverse proxy (fqdn proxy.com) for server with fqdn endpoint.com.
Between internet and LAN is a router forwarding all traffic on port 443 to proxy.com

Internet DNS records for proxy.com and endpoint.com point to Firewall external IP.
LAN DNS records for proxy.com and endpoint.com point to local IP addresses of these hosts.

When user enters proxy.com he is proxied to endpoint.com , he gets login screen of endpoint.com but authentication fails.
When user enters endpoint.com he is proxied to endpoint.com , he gets login screen of endpoint.com and authentication succeeds.

Why is authentication failing when proxy.com is used in the end user's browser?

Here is the nginx config for the proxy:

proxy_pass https://endpoint.com;

more_set_input_headers 'Authorization: $http_authorization';
proxy_set_header Accept-Encoding "";

proxy_set_header X_FORWARDED_PROTO https;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Url-Scheme $scheme;
proxy_redirect off;
proxy_max_temp_file_size 0;