How to pass request Headers in userinfo endpoint
Hi,
Greetings. Hope you are well! I have a Oauth 2.0 authentication service and there is a need to pass a custom value to Accept request header. Anyone know how to pass this? I am using Pega Infinity 23.1.2
Regards,
Bharat
HCA Healthcare
US
@KOMARINATo pass a custom Accept header to the userinfo endpoint in Pega Infinity 23.1.2, you can configure it in the OAuth 2.0 Provider or the Connect REST rule. In the OAuth Provider rule, add the header under the "Additional Headers" section (e.g., Accept: application/custom-type). If you're using a Connect REST rule, open it, go to the "Request" tab, and add the header in the "HTTP Headers" section. For dynamic values, create an activity or data transform to populate the pyRequestHeaders page, setting Accept to the required value (e.g., pyRequestHeaders.Accept = "application/custom-type"). Save and test your configuration using Tracer or a tool like Postman to confirm the header is sent correctly. This approach ensures the custom header is passed with your request seamlessly
Accenture
GB
@Sairohith Hi, Thank you. But i am using OIDC Connect in my Authentication Service and userinfo endpoint is in here where passed in claims can be used in Pega, hence i am not using any Provider/Connect REST(aware of how to pass headers in this approach)
Regards,
Bharat
HCA Healthcare
US
Thank you for clarifying! Since you're using OIDC Connect in the Authentication Service, you can pass custom headers like Accept by overriding the headers in the activity associated with the OIDC flow. Open your Authentication Service configuration, locate the custom activity that processes the userinfo endpoint, and use the pyRequestHeaders page to set the Accept header dynamically. For example, in the activity, add a step with the following:
Param.RequestHeaders.Accept = "application/custom-type";
This ensures the custom header is included in the HTTP request to the userinfo endpoint. Save the changes, and test the Authentication Service to confirm the header is passed correctly. Let me know if have need any more details. thanks
Accenture
GB
@Sairohith Sure, but this endpoint is not a custom one, only the header that i need to pass is a custom one and this is an OOTB Authentication Service which is in place, IDP i am using is internal to client, not sure i can add in a Pre-Authentication Activity and pass in the custom header as this header will apply to all endpoints in the Authentication Service (token, authorize etc)
Regards,
BharAT
Updated: 2 Jan 2025 16:26 EST
HCA Healthcare
US
@KOMARINA To pass a custom Accept header specifically to the userinfo endpoint in an OOTB Authentication Service using OIDC, you can handle it in the Post-Authentication Activity without affecting other endpoints like token or authorize. In the activity, make the userinfo call explicitly using the Connect-REST method, and set the custom header dynamically by adding Param.RequestHeaders.Accept = "application/custom-type". This approach ensures the custom header is applied only to the userinfo endpoint, while other parts of the OOTB Authentication Service flow remain unchanged. This method allows you to retrieve and process claims from the userinfo endpoint as required
Updated: 2 Jan 2025 16:48 EST
Accenture
GB
@Sairohith Sure, thank you. As i mentioned i am aware of passing headers via Connect but thought there is a way like how query parameters are passed OOTB without having to go down the custom approach to call userinfo explicitly.
Regards,
Bharat