Reputation: 1
Can KrakenD validate access keys sent in the body rather than header
I have a usage tracking library(snowplow) which needs to send data to a kinesis stream collector. We are using KrakenD in the middle for api gateway. Inorder to secure this, I need to pass access token. Snowplow at present does not allow custom headers at the present, which prevents me from sending this data. Is there an option in KrakenD which allows it to validate a token sent in the body rather than the header?
Upvotes: 0
Views: 264
Answers (1)
Reputation: 1440
KrakenD JWT validation expects you to send the token data in the Bearer header or inside a cookie. You cannot validate a token sent in the body.
I don't understand what is the problem of Snowplow not accepting custom headers. The validation would occur on KrakenD side and KrakenD does not send any custom header to Snowplow unless you explicitly add them in the input_headers list. If you have more information, I'd be happy to assist.
Upvotes: 1
Related Questions
- Keycloak: Access token validation end point
- How to validate Keycloak webhook request?
- KrakenD - prevent changing response
- How to validate request headers in kubernetes
- Use secret for ValidatingWebhookConfiguration
- How to implement Akka HTTP Request Post Client Headers Authorization
- how to validate the keys exists in the payload in a restful api in flask
- Setting request Header in server before Authentication Happens in Keycloak
- Pre-validate messages sent to Kafka topic
- POST param validation in Akka HTTP