How to configure loopback to use access_token in the header

About

Asked 20/9, 2016 at 14:13 Answered 21/8, 2019 at 19:23

I'm using access_token handling logic form loopback. It works fine, but unfortunately expects the access_token in the URL.

Can I configure loopback to use the access_token in the header custom field instead?

Hydrofoil answered 20/9, 2016 at 14:13 Comment(3)

I would recommend using the standard Authorization header instead of a custom one. Loopback will search by default for a token in there. – Rizal 23/9, 2016 at 9:1

Thanks Overdrivr! Is it somewhere documented? I mean, how it is expected to be packed in the Authorization header? Simply a string value of the token, or something like "Tolen " + value? – Hydrofoil 23/9, 2016 at 9:29

This is documented here. Just put the token string inside the header – Rizal 23/9, 2016 at 9:44

Initialize Loopback Token Middleware check the docs

A sample code for enabling loopback.token middleware

app.use(loopback.token({  
  cookies: ['access_token'],
  headers: ['access_token', 'X-Access-Token'],
  params:  ['access_token']
  //additional keys (check docs for more info)
}));

It checks for these values in cookies, headers, and query string parameters

Educable answered 20/9, 2016 at 16:28 Comment(1)

Where should this code go? Can I somehow instruct the API explorer to send the access_token in Header as well? – Hydrofoil 21/9, 2016 at 8:7

Docs- https://loopback.io/doc/en/lb3/Making-authenticated-requests.html

Pass the following header in request config (use your token)-

headers: {
    Authorization: '1vKbyJc9D2pJaE5sZWDqKxcJYlOfPab4eO8giuRMkfOxvoHKGUBRDcNvP4JwDIxe'
}

No configuration needed in server.

Coxcombry answered 21/8, 2019 at 19:23 Comment(0)

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags