Pass Identity Headers
Summary
When set to true, the Pass Identity Headers setting sends identity headers to all upstream applications.
To change this behavior for a specific route, use the route-level Pass Identity Headers setting.
Identity headers include:
X-Pomerium-Jwt-AssertionX-Pomerium-Claim-*(see JWT Claim Headers for more information)
How to configure
- Core
- Enterprise
- Kubernetes
| YAML/JSON setting | Type | Usage | Default |
|---|---|---|---|
pass_identity_headers | boolean | optional | *false |
Examples
pass_identity_headers: true
routes:
- from: https://service.corp.example.io
to: http://localhost:3000
Configure Pass Identity Headers in the Console with the Pass Identity Headers toggle button.
The button has three states:
- Unset ("-") uses the value in your configuration file
- Checkmark sets
pass_identity_headerstotrue - Empty sets
pass_identity_headerstofalse
| Parameter name | Type | Usage | Default |
|---|---|---|---|
passIdentityHeaders | boolean | optional | *false |
Examples
passIdentityHeaders: true
See Kubernetes - Global Configuration for more information.
* If neither the global nor route-level pass_identity_headers settings are defined, both settings will default to false.