9

I route a user to another web site from my Angular application using $window.open(url, ''). Currently they are directed to the login page but now there is a requirement for single sign on so the user can access the external site if they are logged in to my application. The external site has asked that I send a JavaScript Web Token in the Authorisation Header using the Bearer schema when I redirect the user.

How can I set the Authorization header in Angular when sending a user to anther site. I've only ever used the header in the context of communicating with an API ($http.get()), rather than sending the user elsewhere. I don't think $window.open has any means to do this so I might need to use something else.

Although this question is similar, the answer describes sending the token as a get parameter in the URL. The Authorization header is not used. how to add authentication header to $window.open

Community
  • 1
  • 1
Geraint Anderson
  • 3,234
  • 4
  • 28
  • 49
  • Possible duplicate of [how to add authentication header to $window.open](http://stackoverflow.com/questions/23138671/how-to-add-authentication-header-to-window-open) – Gecko Jul 19 '16 at 12:53
  • @stefchri That question sends the token in the url rather than as a header. That won't work here as I have no control over the destination. I need to use the bearer schema. – Geraint Anderson Jul 20 '16 at 11:33
  • did you find a solution to this? – Akash Agrawal Mar 23 '17 at 18:24
  • 2
    No. Instead I make a separate HTTP GET request setting the header, and the external site returns an authentication cookie which is set on the client. Then I redirect the user without a header. The third party application had to accommodate that as we didn't manage to set the header on a redirect. – Geraint Anderson Mar 24 '17 at 12:16

0 Answers0