I have an eco system that the gateway and federated services live. The problem is when the gateway starts it validates the services - to do this it needs to be authorised.
When a client is querying via federation gateway they supply a bearer token.
In both instances the request header authorization field is used.
I've read and reread the docs but I am unable to achieve this using different tokens for different actions.
Anyone any ideas or links to relevant docs? Cheers
Rereading for the Xth time the solution is with the "buildService".
It is only called once for each implementing service. You can extend it and add whatever headers you need.
See here for docs + example: