eIAM Backend

The HTTP header fields are components of the Hypertext Transfer Protocol (HTTP) protocol header and transmit the parameters and arguments important for the transmission of files via HTTP, e.g. desired language or character set, and often information about the client.

HTTP Header delegation from RP-PEP to application

Header Name	X-Forwarded-For
Example	10.10.10
Meaning	This header contains the source IP address of the client as seen by the load balancer before the eIAM-Web PEP. If the client is accessed via several proxy servers, more than one IP address can be in this field. That is, the load balancer upstream of the eIAM-Web PEP can receive this HTTP header already delivered and and enrich it with another address (source from its point of view)
Source of the header	Loadbalancer before eIAM-Web PEP
Comment

Header Name	isiwebclientid
Example	65c7a00a1c1e3jVuJ526+vfHbetNXVBP1wlHxQpzJzLGs63ooQdkEw=
Meaning	This header contains an internal client id. A client is tracked by the eIAM-Web PEP by means of a a session cookie. The ClientID remains the same throughout the client's session with the eIAM-Web PEP. session with the eIAM-Web PEP;
Source of the header	eIAM-Web PEP
Comment

Header Name	authLevel
Example	normal
Meaning	This header provides information about the authentication strength of the user from the eIAM-Web PEP view. Possible values are "guest", "weak", "normal", "strong";
Source of the header	eIAM-Web PEP
Comment

Header Name	Client_Network
Example	BV
Meaning	This header provides rough information about the network from which the client is accessing. Possible values are "BV", "KTV", "Internet" - BV => access from the blue network zone (networks of the Federal Administration) - INTERNET => Access from the red network zone (Internet, KTV, others). - KTV => access from the cantonal network. The distinction between the Internet and the cantonal network is only made if the project explicitly orders a separate load balancer for the cantonal network.
Source of the header	Load balancer before eIAM-Web PEP
Comment

Header Name	X-trID
Exemple	r6502-0aa066fb-670b-a00a1c1e-16248ee5c5f-0006d5d4
Meaning	This header provides an identifier for the current transaction. Each access of a client via the eIAM-Web PEP is considered a single transaction. If the application logs logs this identifier, the transaction can be correlated between the eIAM-Web PEP and the application and can be correlated and tracked through the components;
Source of the header	eIAM-Web PEP
Comment

Header Name	transferID
Beispiel	r6502-0aa066fb-670b-a00a1c1e-16248ee5c5f-0006d5d4
Meaning	This header provides an identifier for the current transaction. Each access of a client via the eIAM-Web PEP is considered a single transaction. If the application logs logs this identifier, the transaction can be correlated between the eIAM-Web PEP and the application and can be correlated and tracked through the components;
Source of the header	eIAM-Web PEP
Comment	Provides the same value as X-trID. However, this is the "old" variant and has been retained for backwards compatibility.

Header Name	Host
Example	sharepoint-r.admin.ch.
Meaning	This header provides the information about the addressed FQDN. Whereby the addressedhost can be different from the client's point of view than from the point of view of the eIAM-Web PEP. Whereas from the client's point of view the addressed host is the load balancer in front of the eIAM-Web PEP, the addressed host from the point of view of the of the eIAM-Web PEP, the addressed host is the one of the backend reached via it.
Source of the header	eIAM-Web PEP
Comment

Header Name	isiwebsessionid
Example	VIYM7WEO4xp-QBuQ7dk-bkCqwcKmqAGml0XC10m_hLU
Meaning	This header provides the information about the current session of the client on the eIAM-Web PEP. This value can be used to correlate the log between eIAM-Web and the application can be correlated;
Source of the header	eIAM-Web PEP
Comment