Custom HTTP Headers - cgillum/easyauth GitHub Wiki
The following are all the custom headers used by Easy Auth. Note that the Server-side only request headers are generated by the Easy Auth middleware and are not exposed over the internet.
| Header | Type | Description |
|---|---|---|
| x-ms-client-principal-name | request | Server-side only. The name of the authenticated user, if any. This value is derived from data provided by the identity provider. |
| x-ms-client-principal-id | request | Server-side only. The ID of the authenticated user, if any. This value is derived from data provided by the identity provider. |
| x-ms-client-principal-idp | request | Server-side only. The name of the identity provide that authenticated the user, if any. Current values include "aad", "google", "microsoftaccount", "twitter", and "facebook" |
| x-ms-client-principal | request | Server-side only. A base64-encoded JSON object with properties (claims) that describe the authenticated user, if any. |
| x-ms-token-{provider}-{type} | request | Server-side only. An OAuth token (or expiration information about a token) generated by the identity provider |
| x-ms-allow-http | request | When set to true, disables the automatic redirect from HTTP to HTTPS. This is mostly useful in cases where an external service needs to ping the app but cannot use HTTPS or follow redirects. The default is false. |