Search code examples
loopbackjs

How to configure loopback to use access_token in the header

I'm using access_token handling logic form loopback. It works fine, but unfortunately expects the access_token in the URL.

Can I configure loopback to use the access_token in the header custom field instead?

Solution

  • Initialize Loopback Token Middleware check the docs

    A sample code for enabling loopback.token middleware

    app.use(loopback.token({  
  cookies: ['access_token'],
  headers: ['access_token', 'X-Access-Token'],
  params:  ['access_token']
  //additional keys (check docs for more info)
}));

    It checks for these values in cookies, headers, and query string parameters