https://www.ory.sh/ logo
#talk-oathkeeper
Title
# talk-oathkeeper
s

sticky-guitar-94474

04/12/2022, 11:57 AM
Hello Can we forward extra headers to the
oauth2_introspection
authenticator from downstream request to Introspection Server? ServiceA ->API call-> ServiceB API call is intercepted by EnvoyFilter and forwards request to Oathkeeper’s decision engine Now oathkeeper checks with
oauth2_introspection
authenticator which in-turn makes call to an AuthService Now the auth-service validates token responds back with some extra data, which in the
mutators
level get’s added, as
X-User-token
header and forwarded to ServiceB But we have an internal ServiceC(trusted service), it already sends the
X-User-token
but we need it to reach the AuthService along with the Token So how can we forward extra data to the Oauth2_introspection server ?
The workaround I’ve thought of is to pass the extra-data in query-param, which reaches the upstream service ServiceB But this needs to change the logic on ServiceB I don’t like this personally
3 Views