Hello there!

Need Help? We are right here!

miniOrange Email Support

Thanks for your Enquiry.

If you don't hear from us within 24 hours, please feel free to send a follow-up email to info@xecurify.com

Search Results:


HTTP Header Based Authentication Access Control

Header-Based Authentication allows users to log in to their on-premise apps with a URL header to authenticate user agents using an HTTP header. This allows the admin to have user access control to authenticate users or set 401 unauthorized errors.

Request a 30-day Free Trial
HTTP header based authentication access control

What is HTTP Header Based Authentication?

HTTP Header-based authentication provides user agent authentication to access backend applications and on-premise apps, where the information is sent through the HTTP headers. In the Header URL, the HTTP header section contains the authentication parameters that are configured to set the Header Based Authentication for on-premise apps.

This solution work for backend legacy apps and resources, where the admin needs to provide remote access to on-premise apps with ease, and without installing third-party software.

Most legacy applications (and on-premise solutions) do not support SSO for user agent access control. So we need a reverse proxy server in between them to set up SSO (or an IAM) to authenticate the users. By enabling Header Based Authentication for on-premise apps, users can log in to the proxied legacy application using just the contents of the header body of the URL. Admin can specify which parameters should be used to authenticate user agents and have it customized to their security needs.

When the URL header set by the reverse proxy server matches the required header for the proxied legacy application it authenticates user agents and logs in. In case the user’s header parameters do not match the required application parameters, then the application 401 unauthorized error page will be displayed.

4 Reasons to use HTTP Header Based Authentication

Secure SSO for on-premise apps

HTTP header-based authentication for on-premise apps provides easy and secure single sign-on (SSO) for all authorized user agents.

No Software Needed

No third-party apps or additional software is needed for your legacy apps to grant remote access and complete with ease of use along with header access control.

Custom Parameters

With header-based authentication for on-premise apps, you can set custom URL parameters in the header to be used to authenticate users. This offers customizability and reduces security risks.

Message Integrity

Message integrity is maintained as we know the content will not be modified, as no unauthorized user agent will access the legacy apps.

Working of Header Based Authentication for on premise apps.

Let’s see the steps of how Header Based Authentication for on premise apps works with a reverse proxy server

Header Based Authentication Use Case

Suppose we have a user, Stephen. Stephen wants to access the backend application (example In-house SaaS applications ). He will see the proxied application and try to log in to it. A request will be initiated and sent to the reverse proxy server. The reverse proxy server will redirect him to the IAM set up by Stephen’s organization (example miniOrange or Azure AD).

  • If the IAM authenticates Stephen, the IAM will share an authentication token to the reverse proxy server.
  • The reverse proxy will set the header parameters based on this authentication token and send it to the backend application.
  • Now Stephen will be able to access the backend application.
  • If the IAM does not authenticate Stephen, the IAM will show an error message and Stephen won’t be able to access the proxied application.
header based authentication user agents

Latest Blogs

How to Stop Bot Traffic on Website with Reverse Proxy

A reverse proxy server is a special kind of proxy server. In contrast to a forward proxy server, which protects clients [...]


How to set up WordPress role based access control to secure site folders?

Role based access control (RBAC)means allowing access to users to a stack based on the set user roles and [...]


How to protect images from downloading by unauthorized access?

Ever felt concerned about the images that you added to your online folders, might be downloaded by users (who aren’t logged in) [...]


How to secure access to Google Workspace Apps from Unauthorized Networks?

Google Workspace holds the entire collection of data that a company generates by storing [...]

Read More