I'm trying to build a plumber API that uses a key provided in req$HTTP_AUTHORIZATION
to access pinned data, but it seems like this information is not available when plumber is hosted on Rstudio connect.
Works locally but returns an empty list from Connect:
function(req) {
return(req$HTTP_AUTHORIZATION)
}
Works on Connect
function(req) {
return(req$postBody)
}
Raises an exception on Connect:
function(req) {
return(as.list(req))
}
I'm assuming what's happening here is that the authorization is being suppressed by Connect which makes sense, but I'm wondering if this behaviour is documented anywhere? Is the best method for this kind of workflow to encrypt the key and send it as part of the body?