The header names used to send an Athenz token is fixed to:
|
ACCESS_TOKEN(HttpHeaderNames.AUTHORIZATION, false, "Bearer"), |
|
/** |
|
* Athenz role token. {@code "Athenz-Role-Auth"} is used as the header name for this token type. |
|
*/ |
|
ATHENZ_ROLE_TOKEN(HttpHeaderNames.ATHENZ_ROLE_AUTH, true, null), |
|
/** |
|
* The legacy Athenz role token used by Yahoo. {@code "Yahoo-Role-Auth"} is used as the |
|
* header name for this token type. |
|
*/ |
|
YAHOO_ROLE_TOKEN(HttpHeaderNames.YAHOO_ROLE_AUTH, true, null); |
I received internal feedback from LY that they prefer to use a custom header name rather than the standard Athenz header names.
