access token in custom header

AzureAD / passport-azure-ad

The code for Passport Azure AD has been moved to the MSAL.js repo. Please open any issues or PRs at the link below.

https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/maintenance/passport-azure-ad

Other

420 stars 177 forks source link

access token in custom header #534

Closed aelmanaa closed 3 years ago

aelmanaa commented 3 years ago

Hello,

I've got a quick question. Can we validate the access-token if it is received in a custom http header like "x-access-token" rather than standard "Authorization: Bearer " . If yes, how?

thanks

pkanher617 commented 3 years ago

@aelmanaa The only place we can validate the access token today is the authorization header or the body of the request for the BearerStrategy.