How to Forward User Claims to DownStream-Apis ?

[RedEye-Developers]

 public static IServiceCollection AddPresentation(this IServiceCollection service, IConfiguration config)
    {
        service.AddSingleton<AddBearerTokenToHeadersTransform>();
        service.AddOpenApi();
        service.AddReverseProxy()
            .LoadFromConfig(config.GetSection("ReverseProxy"))
            .AddTransforms(context =>
            {
                if (!string.IsNullOrEmpty(context.Route.AuthorizationPolicy))
                {
                    context.RequestTransforms.Add(context.Services.GetRequiredService<AddBearerTokenToHeadersTransform>());
                }
            });

        return service;
    }

public class AddBearerTokenToHeadersTransform : RequestTransform
{
    public override async ValueTask ApplyAsync(RequestTransformContext context)
    {
        if (context.HttpContext.User.Identity is { IsAuthenticated: true })
        {
            var token = await context.HttpContext.GetTokenAsync("access_token");
                        
            if (!string.IsNullOrEmpty(token))
            {
                context.ProxyRequest.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);
            }
        }
    }
}

this is my current set up.

this User Claims is coming in YARP HttpContext.User but this User-Claims not forwaring to DownSteam-Apis, it is possible to forward or wand to use Custom HTTP Headers to get the JWT Payload User datas ?

what is the good approach to do this ?

[MihaZupan]

The claims aren't a part of the HTTP request so they can't be forwarded as-is. They're inferred by your ASP.NET Core authentication settings based on who the user is and only exist within your process.

If you're already flowing JWTs around, you could have the backend process the JWT again, which would populate the claims again, or you'd have to forward the information to the backend in some other way yourself.
https://learn.microsoft.com/en-us/aspnet/core/fundamentals/servers/yarp/authn-authz