# Custom headers

# About this guide

Follow this guide to learn how to use the X-TrustedTwin custom header to extend rules with variables that the user passes in the request.

This guide contains the following sections:

| Section | Contents |
|---|---|
| X-TrustedTwin custom header | Introduction to the X-TrustedTwin custom header. |
| Introduction | Context and goals of the scenario. |
| Preparation | In this section we create a role, a user, and a Twin which we will use in the following section to illustrate how the X-TrustedTwin custom header works. |
| Scenarios | Example scenarios using the X-TrustedTwin header. |

In this tutorial we use cURL to provide examples. For more information about cURL, please consult the introduction to our cURL quickstart guide.

# X-TrustedTwin custom header

The X-TrustedTwin header extends rules with variables that the user passes in the request to the Trusted Twin API. To learn more about this custom header, please consult the Custom headers section.

# About the scenarios

In our scenarios, we want a user to be able to access a Twin only if the serial number in the Twin's description is equal to the serial number passed in the X-TrustedTwin header in the request. This way there is no need to create multiple users (one per Twin) to allow for this level of access granularity.
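
A local model of this check, added here as an illustration and not Trusted Twin code: it builds the X-TrustedTwin header value from a dictionary and evaluates the serial comparison against a Twin description. The function names are hypothetical, and treating an undecodable header as carrying no variables is an assumption of the model.

```python
import base64
import binascii
import json


def encode_header(variables: dict) -> str:
    """Serialize the dictionary as JSON and Base64-encode it for X-TrustedTwin."""
    return base64.b64encode(json.dumps(variables).encode("utf-8")).decode("ascii")


def decode_header(value) -> dict:
    """Return the DICT variables carried by the header, or {} if absent or invalid."""
    if not value:
        return {}
    try:
        decoded = json.loads(base64.b64decode(value, validate=True))
    except (binascii.Error, ValueError):
        return {}  # assumption: an undecodable header supplies no variables
    return decoded if isinstance(decoded, dict) else {}


def rule_allows(twin_description: dict, header_value) -> bool:
    """Model of the role's rule: TWIN.serial must equal DICT.serial."""
    dict_vars = decode_header(header_value)
    if "serial" not in dict_vars or "serial" not in twin_description:
        return False  # a missing variable never satisfies the rule
    # Strict comparison: the string "123" does not match the number 123 (assumption).
    return twin_description["serial"] == dict_vars["serial"]


if __name__ == "__main__":
    twin = {"serial": "123"}  # description of the Twin used in this guide
    headers = (
        None,                              # no X-TrustedTwin header
        encode_header({"serial": "123"}),  # matching serial
        encode_header({"serial": "345"}),  # non-matching serial
    )
    for header in headers:
        outcome = "Twin details" if rule_allows(twin, header) else "403"
        print(f"X-TrustedTwin: {header} -> {outcome}")
```
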

# Preparation

First, let's create a role that allows access to a given Twin only if the serial number passed in the X-TrustedTwin header (DICT.serial) is equal to the serial number of the Twin (TWIN.serial):


Next, let's create a user with this role:


And let's create a Twin with the serial number 123 ({"serial": "123"}):

# Scenario

Let's test what the user can see depending on the X-TrustedTwin header passed in the request to retrieve the Twin.

# No X-TrustedTwin header in the request

Let's start with a request where we don't pass the X-TrustedTwin header:


The response returns a 403 status code and information that the Twin is not accessible:


# Request with X-TrustedTwin header {"serial": "123"}

Next, let's pass the encoded {"serial": "123"} dictionary in the X-TrustedTwin header (eyJzZXJpYWwiOiAiMTIzIn0=):


The response returns the details of the Twin:


# Request with X-TrustedTwin header {"serial": "345"}

Next, let's try to pass the encoded {"serial": "345"} dictionary in the X-TrustedTwin header (eyJzZXJpYWwiOiAiMzQ1In0=):


The response returns a 403 status code with information that the Twin is not accessible to the user:

# Resources

Please consult the Custom headers section for more information on the X-TrustedTwin custom header.