Add or Set Request Headers
The set header policy adds a header to the request in the inbound pipeline. This can be used to set a security header required by the downstream service.
Configuration#
{
"name": "my-set-headers-inbound-policy",
"policyType": "set-headers-inbound",
"handler": {
"export": "SetHeadersInboundPolicy",
"module": "$import(@zuplo/runtime)",
"options": {
"headers": [
[
{
"name": "my-custom-header",
"value": "test"
}
]
]
}
}
}Options#
namethe name of your policy instance. This is used as a reference in your routes.policyTypethe identifier of the policy. This is used by the Zuplo UI. Value should beset-headers-inbound.handler/exportThe name of the exported type. Value should beSetHeadersInboundPolicy.handler/modulethe module containing the policy. Value should be$import(@zuplo/runtime).handler/optionsThe options for this policy:headersAn array of headers to set in the request. By default, headers will be overwritten if they already exists in the request, specify the overwrite property to change this behavior.
An example for using this policy is if your backend service uses basic authentication you might use this policy to attach the Basic auth header to the request:
{
"export": "SetHeadersInboundPolicy",
"module": "$import(@zuplo/runtime)",
"options": {
"headers": [
{
"name": "Authorization",
"value": "Basic DIGEST_HERE",
"overwrite": true
}
]
}
}When doing this, you most likely want to set the secret as an environment variable, which can be accessed in the policy as follows
{
"export": "SetHeadersInboundPolicy",
"module": "$import(@zuplo/runtime)",
"options": {
"headers": [
{
"name": "Authorization",
"value": "$env(BASIC_AUTHORIZATION_HEADER_VALUE)",
"overwrite": true
}
]
}
}And you would set the environment variable BASIC_AUTHORIZATION_HEADER_VALUE to
Basic DIGEST_HERE.