Skip to main content

User Headers

Overview

As extensively described in the Architecture overview page, the witboost ecosystem is composed of multiple interacting modules.

When you trigger some provisioning actions, such as the deployment of a data product, the UI forwards your request to the Builder module, that in turn sends it to the Provisioner; it will then contact and coordinate with different provisioning services (specific provisioners, data catalog proxies, marketplace-compliant services) to ensure the desired provisioning status is achieved.

In certain cases, it may be necessary to provide additional information about the user who initiated the action to some of these services.

To illustrate this, let's consider the following use case as an example where a data product includes a component (say, an AWS S3 Storage output port) and the provisioning of said component is handled by a technology adapter that receives deploy/undeploy requests from the Provisioner module and triggers some pipelines on Jenkins to create or update the S3 Storage on AWS. To accomplish this, the technology adapter must authenticate with the Jenkins instance using a username and an authentication token. While authorized technical credentials could be used, in such cases, Jenkins would not be able to trace the human user who initiated the provisioning process on witboost. Typically, this traceability is a crucial auditing and security requirement for companies.

As Builder, Provisioner and Provisioning Services all communicate through HTTP interfaces, witboost enables users to define a set of HTTP headers that will be attached to each HTTP request exchanged between services within the witboost ecosystem.

In the aforementioned sample use case, you would simply need to define two user headers:

  • jenkins-username - your Jenkins username
  • jenkins-token - your Jenkins access token

By doing so, the technology adapter will be able to extract those values from the headers it receives with the HTTP requests sent by the Provisioner and use them to authenticate on Jenkins.

How to define user headers

info

You'll be able to define user headers only if your organization has enabled the functionality.

  • Click on your profile picture in the top bar and select Settings and Profile
  • In the Settings page click on the Advanced tab
  • Manage your headers from the User Headers section

User Headers

Header constraints

Each user-defined header must adhere to the following constraints (automatically enforced by the UI):

FieldConstraint
Header nameMust be prefixed by a string configured by your organization (wb-user- by default)
Header nameMust start with a letter and must not contain any whitespace or special characters except hyphens
Header nameMust contain at most 128 characters
Header valueMust contain at most 4096 characters