This feature allows the host application to pass custom headers when it triggers a call to their services. The custom headers are added to FSP calls and to Custom Rows calls.
For example, this could be useful for the security teams of , which would like to pass a JWT (JSON Web Token) when the user, through the file manager, triggers a call to their Custom File System Provider API.
It may be also be used to protect application or customer-hosted content delivered to the editor, such as custom rows or other host app-specific content. The extra token helps the host application to apply an authentication layer to the contacted endpoints.
How it works
To activate this feature, the host application must add a specific element to the Configuration object:
Please note that all custom headers will be prefixed with “X-BEE-“ identifier. For instance, in the example above, the header will be sent to the host app as X-BEE-Authorization.
Please note that custom headers must be whitelisted by our team before using them. Please open a support ticket via the Beefree SDK Console if you’re planning to use this feature.