How to add response header to wso2 authentication endpoints


I'm able to add the response header to all my APIs except for the WSO2 authentication endpoints:

https://testorsampletdomain.com/oauth2/authorize

https://testorsampletdomain.com/authenticationendpoint/login.do?

https://testorsampletdomain.com/logincontext?

I need to add strict-transport-security and content-security-policy to the response headers of the authentication endpoints. Please help me address the above.


0
Anuradha Karunarathna On BEST ANSWER

You can configure the custom header filter in the Identity Server by following the guide here: https://github.com/wso2-extensions/identity-carbon-auth-rest#custom-header-filter

NOTE: This filter is available after IS-5.11.0: https://github.com/wso2/product-is/issues/9088

When it comes to step 4 of the guide, the custom response headers that you want to add:

  • for the authentication endpoint responses should be added under the application name "authenticationendpoint"

  • for the oauth2 endpoint responses should be added under the application name "oauth2"

2
Lakshitha On

How about exposing these endpoints via APIM as APIs? This way you can add a mediation policy to add these headers?
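Whichever approach is used, the result can be checked by inspecting the headers each authentication endpoint actually returns. The following is an added example, not part of the original answers or of WSO2's code: the function names, the one-year `max-age` threshold and the sample header sets are assumptions constructed for illustration.

```python
import urllib.error
import urllib.request

REQUIRED = ("strict-transport-security", "content-security-policy")

def parse_hsts(value):
    """Return (max_age, include_subdomains), or None if max-age is missing or invalid."""
    max_age, include_sub = None, False
    for directive in value.split(";"):
        name, _, arg = directive.strip().partition("=")
        name = name.lower()
        if name == "max-age":
            arg = arg.strip().strip('"')
            if not arg.isdigit():
                return None
            max_age = int(arg)
        elif name == "includesubdomains":
            include_sub = True
    return None if max_age is None else (max_age, include_sub)

def audit_headers(headers, min_max_age=31536000):
    """Return findings for one response's headers; an empty list means pass.
    min_max_age (one year) is an assumed policy threshold, not a WSO2 default."""
    h = {k.lower(): v.strip() for k, v in headers.items()}
    findings = [f"missing {name}" for name in REQUIRED if not h.get(name)]
    hsts = h.get("strict-transport-security")
    if hsts:
        parsed = parse_hsts(hsts)
        if parsed is None:
            findings.append("HSTS has no valid max-age")
        elif parsed[0] < min_max_age:
            findings.append(f"HSTS max-age {parsed[0]} is below {min_max_age}")
    return findings

class _NoRedirect(urllib.request.HTTPRedirectHandler):
    def redirect_request(self, *args, **kwargs):
        return None  # do not follow: /oauth2/authorize may redirect, check that hop itself

def fetch_headers(url):
    """Live check: return the headers of the first response, including 3xx/4xx."""
    try:
        resp = urllib.request.build_opener(_NoRedirect).open(url, timeout=10)
    except urllib.error.HTTPError as err:  # non-2xx responses still carry headers
        resp = err
    return dict(resp.headers.items())

# Constructed sample header sets: before and after the header filter is configured.
BEFORE = {"Content-Type": "text/html;charset=UTF-8"}
AFTER = {"Strict-Transport-Security": "max-age=31536000; includeSubDomains",
         "content-security-policy": "default-src 'self'"}
```

Run `audit_headers(fetch_headers(url))` against each of the endpoints listed in the question; redirects are not followed, so every hop of the login flow is checked on its own.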