You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hey @renom
I think the reason why it's not available for the jwt method could be due to the nature of JWT itself. JWT are self-contained, meaning that all the necessary information should be contained within the token itself. This includes the method used for authentication, which is typically specified in the alg (algorithm) claim of the JWT. So here might not be a need to specify the method in an additional header.
If you need to add custom headers based on the authentication method, you might consider using Ory's hydrator mutator. This mutator allows for fetching additional data from external APIs, which can be then used by other mutators. It works by making an upstream HTTP call to an API specified in the Per-Rule Configuration section. The request is a POST request and it contains JSON representation of AuthenticationSession struct in body. As a response the mutator expects similar JSON object, but with extra or header fields modified. Source
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
I need to add an additional header depending on auth method, e.g.:
jwt
method is used, add headermethod=jwt
.cookie_session
method is used, add headermethod=cookie
.bearer_token
method is used, add headermethod=bearer
.But setting
additional_headers
option is allowed only forcookie_session
andbearer_token
methods. Why?Beta Was this translation helpful? Give feedback.
All reactions