Hi folks! Just trying confirm my understanding of how Service Tokens work, with regard to headers.

I had assumed that a valid service token would result in a JWT being added in the form of a cookie, as stated in the docs, but also in the cf-access-jwt-assertion header, as with other flows. But I think I'm seeing that the header isn't added in this case. Is that true? Thanks!
1 Reply
Goonendoof
GoonendoofOP5mo ago
Actually managed to test a bit more clearly and I think both might be added as expected. I'll mark this as answered but if I'm wrong please let me know. Cheers!
Want results from more Discord servers?
Add your server