Custom Headers
When to use it
This feature allows the host application to pass custom headers when it triggers a call to their services. The custom headers are added to FSP calls and to Custom Rows calls.
For example, this could be useful for the security teams of , which would like to pass a JWT (JSON Web Token) when the user, through the file manager, triggers a call to their Custom File System Provider API.
It may be also be used to protect application or customer-hosted content delivered to the editor, such as custom rows or other host app-specific content. The extra token helps the host application to apply an authentication layer to the contacted endpoints.
How it works
To activate this feature, the host application must add a specific element to the Configuration object:
customHeaders: [
{
name: 'Authorization',
value: 'Bearer ',
},
...
],
Please note that all custom headers will be prefixed with “X-BEE-“ identifier. For instance, in the example above, the header will be sent to the host app as X-BEE-Authorization.
Using Pre-approved Custom Headers
You don't need to request whitelisting for the following custom headers. Instead, you can immediately use any of these pre-approved custom headers:
x-bee-authorizationx-bee-document-idx-bee-custom-hostx-bee-tenant-identifierx-bee-businessuid
No additional approval is required when using these headers.
Last updated
Was this helpful?