Custom Headers

This feature is available on BEE Plugin Superpowers plan and above. If you're on the Core or Essentials plan, upgrade a development application for free to try this and other Superpowers-level features.

When to use it
How it works

When to use it

This feature allows the host application to pass custom headers when the plugin triggers a call to their services. The custom headers are added to FSP calls and to Custom Rows calls.

For example, this could be useful for the security teams of larger companies, which would like to pass a JWT (JSON Web Token) when the user, through the file manager, triggers a call to their Custom File System Provider API.

It may be also be used to protect application or customer-hosted content delivered to the editor, such as custom rows or other host app-specific content. The extra token helps the host application to apply an authentication layer to the contacted endpoints.

How it works

To activate this feature, the host application must add a specific element to the BEE Configuration object:




customHeaders: [
    {
        name: 'Authorization',
        value: 'Bearer ',
    },
    ...
],

Please note that all custom headers will be prefixed with “X-BEE-“ identifier. For instance, in the example above, the header will be sent to the host app as X-BEE-Authorization.

Please note that custom headers must be whitelisted by our team before using them. Please open a support ticket via the Developer Portal if you’re planning to use this feature.