User Headers
Overview
As extensively described in the Architecture overview page, the witboost ecosystem is composed of multiple interacting modules.
When you trigger some provisioning actions, such as the deployment of a data product, the UI forwards your request to the Builder module, that in turn sends it to the Provisioner; it will then contact and coordinate with different provisioning services (specific provisioners, data catalog proxies, marketplace-compliant services) to ensure the desired provisioning status is achieved.
In certain cases, it may be necessary to provide additional information about the user who initiated the action to some of these services.
To illustrate this, let's consider the following use case as an example where a data product includes a component (say, an AWS S3 Storage output port) and the provisioning of said component is handled by a technology adapter that receives deploy/undeploy requests from the Provisioner module and triggers some pipelines on Jenkins to create or update the S3 Storage on AWS. To accomplish this, the technology adapter must authenticate with the Jenkins instance using a username and an authentication token. While authorized technical credentials could be used, in such cases, Jenkins would not be able to trace the human user who initiated the provisioning process on witboost. Typically, this traceability is a crucial auditing and security requirement for companies.
As Builder, Provisioner and Provisioning Services all communicate through HTTP interfaces, witboost enables users to define a set of HTTP headers that will be attached to each HTTP request exchanged between services within the witboost ecosystem.
In the aforementioned sample use case, you would simply need to define two user headers:
- jenkins-username - your Jenkins username
- jenkins-token - your Jenkins access token
By doing so, the technology adapter will be able to extract those values from the headers it receives with the HTTP requests sent by the Provisioner and use them to authenticate on Jenkins.
How to define user headers
You'll be able to define user headers only if your organization has enabled the functionality.
- Click on your profile picture in the top bar and select
Settings and Profile
- In the
Settings
page click on theAdvanced
tab - Manage your headers from the
User Headers
section
Header constraints
Each user-defined header must adhere to the following constraints (automatically enforced by the platform):
Field | Constraint |
---|---|
Header name | Must be prefixed by a string configured by your organization (wb-user- by default) |
Header name | Must start with a letter and must not contain any whitespace or special characters except hyphens |
Header name | Must contain at most 128 characters |
Header value | Must contain at most 4096 characters |