authentication_identifier comes from cookies, not headers

sartography · Nov 9, 2023 · 205c778 · 205c778
1 parent a2d626e
commit 205c778
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/routes/authentication_controller.py b/spiffworkflow-backend/src/spiffworkflow_backend/routes/authentication_controller.py
@@ -350,7 +350,7 @@ def _get_user_model_from_token(token: str) -> UserModel | None:
 
         elif "iss" in decoded_token.keys():
             user_info = None
-            authentication_identifier = request.headers["authentication_identifier"]
+            authentication_identifier = request.cookies["authentication_identifier"]
             try:
                 if AuthenticationService.validate_id_or_access_token(
                     token, authentication_identifier=authentication_identifier