Pass Identity Headers
Summary
When set to true, the Pass Identity Headers setting sends identity headers to all upstream applications.
To change this behavior for a specific route, use the route-level Pass Identity Headers setting.
Identity headers include:
X-Pomerium-Jwt-Assertion
X-Pomerium-Claim-*
(see JWT Claim Headers for more information)
How to configure
- Core
- Enterprise
- Kubernetes
YAML/JSON setting | Type | Usage | Default |
---|---|---|---|
pass_identity_headers | boolean | optional | *false |
Examples
pass_identity_headers: true
routes:
- from: https://service.corp.example.io
to: http://localhost:3000
Configure Pass Identity Headers in the Console with the Pass Identity Headers toggle button.
The button has three states:
- Unset ("-") uses the value in your configuration file
- Checkmark sets
pass_identity_headers
totrue
- Empty sets
pass_identity_headers
tofalse
Parameter name | Type | Usage | Default |
---|---|---|---|
passIdentityHeaders | boolean | optional | *false |
Examples
passIdentityHeaders: true
See Kubernetes - Global Configuration for more information.
* If neither the global nor route-level pass_identity_headers
settings are defined, both settings will default to false
.