Laravel + Nginx + Basic auth: how to avoid to apply auth to /api routes?

We have Nginx and using it to serve a Laravel 8 project

I have the need to protect with a basic auth this demo project.

it works, using nginx and auth_basic_file directive

auth_basic            "My DEMO";

location ~ ^/(api|public|images)/.* {
    auth_basic off;
    try_files   $uri $uri/ /index.php?$query_string;
}



location ~ \.php$ {

    # Protect access
    auth_basic_user_file  /etc/nginx/auth/.htpasswd;

    add_header      X-Dovesono-php 1;
    fastcgi_pass    unix:/run/php/php7.4-fpm.sock;
    fastcgi_index   index.php;
    include         fastcgi_params;
    fastcgi_param   SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param   PATH_INFO $fastcgi_path_info;
}

I need to leave un protected entire block of /api/<some thing

Actually, using the above config, the browser ask me at every ajax call to /api/