added

2024-02-08

Authorization headers

You can now prevent unauthorized access to your broadpeak.io services by requiring each request to contain a specific http header.

When definining your service, you may specify an optional header name and an associated value.

All incoming requests for your service will be checked and any request that doesn't have the proper name and value will be answered with a 403 Forbidden response, with the following payload: "Incorrect or missing authorization header".

The player of the service preview page will automatically send the authorization header so that you can watch your service.

Please see our API reference (advancedOptions / authorizationHeader)

See below a screenshot of our WebApp showing the authorization header in the "More options" section of the service edition page.