1.1 KiB
1.1 KiB
Headers your app receives
When a request is allowed, the auth service adds these headers before proxying to your app (e.g., the service at :3000). Your app can use them for user context and authorization.
| Header | Meaning | Example |
|---|---|---|
Remote-User |
Authenticated user UUID | 3f1a2b3c-4d5e-6789-abcd-ef0123456789 |
Remote-Name |
User display name | Jane Doe |
Remote-Org |
Organization UUID | a1b2c3d4-1111-2222-3333-444455556666 |
Remote-Org-Name |
Organization display name | Acme Inc |
Remote-Role |
Role UUID | b2c3d4e5-2222-3333-4444-555566667777 |
Remote-Role-Name |
Role display name | Administrators |
Remote-Groups |
Comma‑separated permissions the user has | myapp:reports,auth:admin |
Remote-Session-Expires |
Session expiry timestamp (ISO 8601) | 2025-09-25T14:30:00Z |
Remote-Credential |
Credential UUID backing the session | c3d4e5f6-3333-4444-5555-666677778888 |
Note: Any incoming Remote-* headers from clients are stripped by our Caddy configuration, so that apps can trust these values.