You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

Secure "Dynamic" Headers



Content (required):

We came across a sample application by Oracle :

The use case is that this app will show BPM tasks from both SaaS and PCS.

For PCS it uses "Cloud Account" as Auth. Expected!!

For SaaS the authentication is bit interesting. It Sets the Auth to "None" and defines a Secure Header called "Authorization". Furthermore the value for this secure header also looks special.

According to the docs (my interpretation) the jwtToken sent in by the container in SaaS is used in this Authorization Header.

So now the question is , Is the value "

Howdy, Stranger!

Log In

To view full details, sign in.


Don't have an account? Click here to get started!