How to read RouteClaimsRequirement value from header?

[aspramsh]

Hi there,

I have a question if there is a possibility to get RouteClaimsRequirement claim value from header, I mean :

"RouteClaimsRequirement": {
  "userType" : "{userId}"
} 

but userId is from upstream header and not from the URL?

[raman-m]

All functionality for claims is in our docs:

• Claims Transformation
• Authorization

Read docs carefully please!

---

userType

According to Authorization doc, userType claim must exist in JWT auth token.
Also, userId claim should also exist in auth token claims list.

---

but userId is from upstream header and not from the URL?

Well... You can read any header mostly in all Ocelot classes where you have HttpContext or HttpRequestMessage objects.
Also some useful info about headers can be read from DownstreamRoute object like this: httpContext.Items().DownstreamRoute(). But better to read headers from HttpContext for sure.

To read the header you can develop Delegating Handler, but further applications of the header value depend of your goal. Possibly it is not your case...

---

"RouteClaimsRequirement": {
  "userType" : "{userId}"
} 

Unfortunately, RouteClaimsRequirement feature doesn't support any placeholders, there are no such logic! But... you can read userId header in custom middleware injected and override it as PreAuthorizationMiddleware.
Further actions depend on your goals in how to re-use your userId value.

Hope it helps!

[raman-m]

Finally,

to get RouteClaimsRequirement claim value from header,

If you have header value then it cannot be a claim! 🤣 Ups!