Release Notes and Announcements
- Release Notes
- Security Announcement
- Announcements
Product Introduction
- Overview
- Strengths
- Use Cases
- Comparison Between EdgeOne and CDN Products
- Use Limits
Purchase Guide
- Description of Trial Plan Experience Benefits
- Free Plan Guide
- Billing Overview
- Billing Items
- Subscriptions
- Renewals
- Instructions for overdue and refunds
- Comparison of EdgeOne Plans
- About "clean traffic" billing instructions
- DDoS Protection Capacity Description
Getting Started
- Choose business scenario
- Quick access to website security acceleration
- Quick deploying a website with Pages
Domain Service&Origin Configuration
- Domain Service
- HTTPS Certificate
- Origin Configuration
Site Acceleration
- Overview
- Access Control
- Smart Acceleration
- Cache Configuration
- File Optimization
- Network Optimization
- URL Rewrite
- Modifying Header
- Modify the response content
- Rule Engine
- Image&Video Processing
- Speed limit for single connection download
DDoS & Web Protection
- Overview
- DDoS Protection
- Web Protection
- Bot Management
- API Discovery（Beta）
Edge Functions
- Overview
- Getting Started
- Operation Guide
- Runtime APIs
- Sample Functions
- Best Practices
KV Storage
- Overview
- Operation Guide
Edge inference
- Edge Inference Overview
- Quick Guide
Pages
L4 Proxy
- Overview
- Creating an L4 Proxy Instance
- Modifying an L4 Proxy Instance
- Disabling or Deleting an L4 Proxy Instance
- Batch Configuring Forwarding Rules
- Obtaining Real Client IPs
Data Analysis&Log Service
- Log Service
- Data Analysis
- Alarm Service
Site and Billing Management
- Billing Management
- Site Management
- Version Management
- General Policy
General Reference
- Configuration Syntax
- Request and Response Actions
- Country/region and Corresponding Codes
Terraform
- Overview
- Installing and Configuring Terraform
Practical Tutorial
- EdgeOne Skill User Guide
- Automatic Warm-up/Cache Purge
- Resource Abuse/hotlinking Protection Practical
- HTTPS Related Practices
- Acceleration Optimization
- Scheduling Traffic
- Data Analysis and Alerting
- Log Platform Integration Practices
- Configuring Origin Servers for Cloud Object Storage (Such As COS)
- CORS Response Configuration
API Documentation
- History
- Introduction
- API Category
- Making API Requests
- Site APIs
- Accelerated Domain Name Management APIs
- Site Acceleration Configuration APIs
- Edge Function APIs
- Alias Domain APIs
- Security Configuration APIs
- Layer 4 Application Proxy APIs
- Content Management APIs
- Data Analysis APIs
- Log Service APIs
- Billing APIs
- Certificate APIs
- Origin Protection APIs
- Load Balancing APIs
- Diagnostic Tool APIs
- Custom Response Page APIs
- Version Management APIs
- API Security APIs
- DNS Record APIs
- Content Identifier APIs
- Legacy APIs
- Ownership APIs
- Image and Video Processing APIs
- Multi-Channel Security Gateway APIs
- KV Storage APIs
- Data Types
- Error Codes
FAQs
- Product Features FAQs
- DNS Record FAQs
- Domain Configuration FAQs
- Site Acceleration FAQs
- Data and Log FAQs
- Security Protection-related Queries
- Origin Configuration FAQs
Troubleshooting
- Reference for Abnormal Status Codes
- Troubleshooting Guide for EdgeOne 4XX/5XX Status Codes
- 520/524 Status Code Troubleshooting Guide
- 521/522 Status Code Troubleshooting Guide
- Tool Guide
Agreements
- Service Level Agreement
- Origin Protection Enablement Conditions of Use
TEO Policy
- Privacy Policy
- Data Processing And Security Agreement
Contact Us
Glossary

Authenticating a Request Header

Focus Mode

Font Size

Last updated: 2024-01-25 11:43:50

This example demonstrates how to use an edge function to perform simple permission control by verifying the value of the x-custom-token request header. If the value is token-123456, access is allowed. Otherwise, access is denied.
Sample Code
async function handleRequest(request) {
  const token = request.headers.get('x-custom-token');
﻿
  if (token === 'token-123456') {
    return new Response('hello world');
  }
﻿
  // Incorrect key supplied. Reject the request.
  return new Response('Sorry, you have supplied an invalid token.', {
    status: 403,
  });
}
﻿
addEventListener('fetch', event => {
  event.respondWith(handleRequest(event.request));
});
Sample Preview
In the address bar of the browser, enter a URL that matches a trigger rule of the edge function to preview the effect of the sample code.
If authentication fails, access is denied.
﻿
If authentication is successful, access is allowed.
﻿
References
Runtime APIs: Headers
Runtime APIs: Response

Help and Support

Was this page helpful?

You can also Contact sales or Submit a Ticket for help.

Help us improve! Rate your documentation experience in 5 mins.

Feedback

tencent cloud

Tencent Cloud EdgeOne

Authenticating a Request Header

Sample Code

Sample Preview

References

Help and Support