Header Based Authentication

Header Based Authentication authenticates logins to on-premise apps and backend applications through a reverse proxy server, using the HTTP header to initiate the authorization response from the IDP.


What is Header Based Authentication?

Header based authentication is a method in which users are authenticated to access backend applications based on user information sent in the HTTP headers. The HTTP header section of the request contains authentication parameters, which can be configured to set up Header Based Authentication for on-premise apps.

This solution is used for backend applications and on-premise solutions that require SSO (or an IDP) but do not support it and cannot be customized further.

Most backend applications (and on-premise solutions) do not support SSO (or an IDP), so a reverse proxy server is placed in front of them to set up SSO (or an IDP) and authenticate the users. With Header Based Authentication enabled for on-premise apps, users can log in to a proxied application using just the contents of the HTTP request headers. The admin can specify which parameters are used to authenticate users and customize them to their security needs.

When the HTTP header set by the reverse proxy server matches the header required by the proxied application, the application authenticates the user and logs them in. If the user's header parameters do not match the parameters the backend application requires, the backend application's error page is displayed. This can be set up as per the user requirements by enabling miniOrange Header Based Authentication for on-premise apps with the Reverse Proxy solution.


Secure SSO to on premise apps

Header based authentication for on premise apps provides easy and secure single sign-on (SSO) to your on-premise applications for users.

No Software Needed

No third party apps or additional software are needed.

Change Parameters

With header based authentication for on premise apps, you can change which parameters in the header are to be used to authenticate users. This offers customizability and reduces security risks.

Message Integrity

Message integrity is maintained as we know the content will not be modified.

Working of Header Based Authentication for on premise apps.

Let’s see the steps of how Header Based Authentication for on-premise apps works with a reverse proxy server.

Header Based Authentication Use Case

Suppose we have a user, Stephen. Stephen wants to access the backend application (for example, in-house SaaS applications). He will see the proxied application and try to log in to it. A request will be initiated and sent to the reverse proxy server. The reverse proxy server will redirect him to the IDP set up by Stephen’s organization (for example, miniOrange or Azure AD).

  • If the IDP authenticates Stephen, the IDP will share an authentication token with the reverse proxy server.
  • The reverse proxy will set the header parameters based on this authentication token and send it to the backend application.
  • Now Stephen will be able to access the backend application.
  • If the IDP does not authenticate Stephen, the IDP will show an error message and Stephen won’t be able to access the proxied application.
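
The flow above as an added Python example, not miniOrange's code: the proxy sets the identity headers only from the IDP token, discarding any copy that arrived with the request, and the backend accepts those headers only on connections from the proxy. The header names, claim keys, proxy address and sample values are assumptions made for illustration.

```python
from ipaddress import ip_address

# Assumptions: header names, claim keys and the proxy address are hypothetical.
IDENTITY_HEADERS = {"x-auth-user", "x-auth-email"}
CLAIM_TO_HEADER = {"sub": "X-Auth-User", "email": "X-Auth-Email"}
TRUSTED_PROXIES = {ip_address("10.0.0.5")}


def build_upstream_headers(client_headers, idp_claims):
    """Proxy side: forward request headers, taking identity only from the IDP token."""
    # Discard identity headers that arrived with the request (case-insensitive names).
    upstream = {k: v for k, v in client_headers.items()
                if k.lower() not in IDENTITY_HEADERS}
    if idp_claims is None:
        return None  # IDP did not authenticate the user: nothing is forwarded
    for claim, header in CLAIM_TO_HEADER.items():
        if claim not in idp_claims:
            raise ValueError(f"token is missing required claim {claim!r}")
        value = str(idp_claims[claim])
        if "\r" in value or "\n" in value:
            raise ValueError("claim value contains a line break")
        upstream[header] = value
    return upstream


def backend_login(headers, peer_ip):
    """Backend side: accept identity headers only on connections from the proxy."""
    if ip_address(peer_ip) not in TRUSTED_PROXIES:
        return None  # not the proxy: headers are not trusted
    lowered = {k.lower(): v for k, v in headers.items()}
    if not IDENTITY_HEADERS.issubset(lowered):
        return None  # required parameters absent: backend shows its error page
    return {"user": lowered["x-auth-user"], "email": lowered["x-auth-email"]}


# Constructed sample input: the request already carries one identity header.
SAMPLE_REQUEST = {"Host": "app.internal.example", "x-auth-user": "admin",
                  "Accept": "text/html"}
SAMPLE_CLAIMS = {"sub": "stephen", "email": "stephen@example.com"}

if __name__ == "__main__":
    forwarded = build_upstream_headers(SAMPLE_REQUEST, SAMPLE_CLAIMS)
    print(forwarded)
    print(backend_login(forwarded, "10.0.0.5"))
    print(backend_login(forwarded, "203.0.113.9"))
```
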