Set Authorization headers for backend requests(solved)

Is it possible to add Authorization headers to all outgoing request from colyseus/Client (ts implementation)?
I have an API gateway that's secured through OpenID-Connect and would like to move my colyseus server behind it so I can use the same users as for my other services.
In the official documentation I've only found the possibility to add an accessToken for an FB login on the .login() method but maybe I've missed something.
Specifically I'm wondering about the POST to /matchmake as well as the GET for the session.

Thank you very much for this great tool and your assistance!

Hey probably kinda depends on the specific setup you have.
But in the room in the "onAuth()" callback you can access the header via the request object you get.
so on client side set the header with your accessToken
https://docs.colyseus.io/colyseus/server/room/#onauth-client-options-request

then for /matchmake or sessions endpoints i would add a express middleware
https://expressjs.com/en/guide/using-middleware.html

this would work if you use the express setup for the colyseus server:
https://docs.colyseus.io/colyseus/server/api/#optionsserver

also you have have to set on client side the header with some sort of intercepter
this doc helps if you develop you client for the web:
https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/webRequest

Hey, thank you very much for replying to my question.
The last link you provided would be what I'm looking for but it seems this is only possible for browser Add-ons and not a web application.
I looked at the colyseus.js Client implementation https://github.com/colyseus/colyseus.js/blob/master/src/Client.ts and it seems like the package used is httpie which is very lightweight but does not provide interception (possibility to add headers before any request is sent).

So here's what I'm trying to do:
0_1646085515428_colyseus_authorization_use_case.png

For this to be possible, the authorization needs to happen when the request gets to the API gateway. This means that the Authorization header would need to be present on the POST to /matchmake as well as the subsequent GET where the session is requested.

This use case does not seem to be possible with the current implementation of the colyseus.js package.
Are you interested in providing this functionality, i.E. is this something that warrants a feature request/PR?

Thank you!