Custom Headers

  1. When to use it
  2. How it works

When to use it

This feature allows the host application to pass custom headers when it triggers a call to their services. The custom headers are added to FSP calls and to Custom Rows calls.

For example, this could be useful for the security teams of larger companies, which would like to pass a JWT (JSON Web Token) when the user, through the file manager, triggers a call to their Custom File System Provider API.

It may be also be used to protect application or customer-hosted content delivered to the editor, such as custom rows or other host app-specific content. The extra token helps the host application to apply an authentication layer to the contacted endpoints.

How it works

To activate this feature, the host application must add a specific element to the Configuration object:




customHeaders: [
    {
        name: 'Authorization',
        value: 'Bearer ',
    },
    ...
],


Please note that all custom headers will be prefixed with “X-BEE-“ identifier. For instance, in the example above, the header will be sent to the host app as X-BEE-Authorization.