3 Replies Latest reply on Jun 12, 2014 1:42 PM by bas.kuis

Authorization header not included when jive 7.0.1.0 routes requests to add-on service

bas.kuis Jun 11, 2014 6:17 PM

We have a service configured as follows:

And when sending a POST to the endpoint using Jive connects:

We see that the headers do not include the Authorization header like we would expect:

This is resulting in a unauthorized response. Please note the 'test':'yo' header that was added to the service configuration:

This seems to indicate that the expected service (and configuration) routes the request correctly to the expected add-on service definition.

Ryan Rutan - Mark Weitzel - is this due to a misunderstanding on my part on how this is supposed to function or are we missing something? For instance - does the authorization header only get sent over https? Why could it be that the Authorization header isn't passed along to the middle-ware?

cc: John Larson, Ben Liesch

Re: Authorization header not included when jive 7.0.1.0 routes requests to add-on service

jasonnew Jun 12, 2014 12:13 AM (in response to bas.kuis)

Hi Bas Kuis,
Have you tried adding the following to your post;
"authz" : "signed"
Like Show 0 Likes(0)

Actions
- Re: Authorization header not included when jive 7.0.1.0 routes requests to add-on service
  
  bas.kuis Jun 12, 2014 4:43 AM (in response to jasonnew)
  
  Hi Jason,
  
  Thanks for the suggestion.
  Unfortunately that didn't seem to change anything.
  Adding: authz : 'signed'
  Still produced:
  Best,
  
  Bas
  
  Like Show 0 Likes(0)
  
  Actions
  - Re: Authorization header not included when jive 7.0.1.0 routes requests to add-on service
    
    bas.kuis Jun 12, 2014 1:42 PM (in response to bas.kuis)
    
    I think it might be due to the 403 response from the middle-ware endpoint - not prompting jive-connects to request credentials from the user. Perhaps returning a 401 response would fix our issue. Trying that now.
    
    Like Show 0 Likes(0)
    
    Actions

Go to original post