It would be great if the Authorization header was an option that could be overwritten.
I found your plugin while researching ways to secure and streamline the Craft CP. We use Cloudflare and they offer a feature called Access that handles SSO at the edge, and once authorized makes the backend request with the header Cf-Access-Jwt-Assertion. I think this would just "work" if the header this plugin checks was configurable.
It would be great if the Authorization header was an option that could be overwritten.
I found your plugin while researching ways to secure and streamline the Craft CP. We use Cloudflare and they offer a feature called Access that handles SSO at the edge, and once authorized makes the backend request with the header
Cf-Access-Jwt-Assertion. I think this would just "work" if the header this plugin checks was configurable.