[Feature Request] Custom headers for server connection

[vicegold]

I'd like to use ShelfPlayer through a Cloudflare tunnel to access my ABS server on-the-go. For that I need to set 2 custom headers (key/value pairs) to handle authentication. Is that something ShelfPlayer could support?

[sergpryimachuk]

+1 I have exactly the same need.

[gh0sti]

+1 I have exactly the same need.

how is that not handled by the URL when entered for the server and username/password? You need to add customer header to get the connection?

[vicegold]

how is that not handled by the URL when entered for the server and username/password? You need to add customer header to get the connection?

Correct, with Cloudflare Tunnels you have an extra layer of authentication so your services aren't exposed to everyone. Without that authentication you never get a connection to ABS. When opening the ABS UI in the browser you can just can use OTP or Google Auth, but in apps you'll need to use Token auth via custom headers.

[rasmuslos]

You can now add custom headers during login or edit them in the account sheet. I am currently working on improving the series handling, when it is finished I will release a new version with this fix.

[vicegold]

Wow, that was fast! Thank you so much, really appreciate it!

[jonathan-catt]

@vicegold - Sorry to ask you here, but I am trying to make this work on my end but I can't seem to get the Service Token to work with the custom headers from Cloudflare. I have added the CF-Access-Client-Id and CF-Access-Client-Secret as custom headers in Shelf Player, and I have added that service token to a access policy for my ABS application in Cloudflare but I do not see the service token get "hit" in the cloudflare dashboard. Its probably something simple on Cloudflare side but if you have any guidance I would appreciate it.

[vicegold]

@jonathan-catt Make sure that you don't just include the token in a regular Allow policy. It requires a dedicated Service Auth policy. I stumbled upon this many times as well.

[jonathan-catt]

Thanks @vicegold That was it... didn't even see the service auth action, just figured it was under the Allow action. Knew it was going to be something simple.