The Forward API methods proxies incoming requests to the LP-forward-url supplied parameter. Proxied requests are wrapped with the certificate provided according to the configuration parameters (accountId/servicName/Url which act as a unique key). If no configuration exists, the request will be proxied using regular TLS (rather than mTLS). The proxied http method in this method is POST (this corresponds to the method you'd like to use with the endpoint configured with LP-forward-url).

When submitting the forward request, the certificate will be fetched according to service name + url, wrapped and forwarded to the desired endponit and the response will be returned as if contacted the remote endpoint directly.


Method URL
POST https://[{domain}]/mtls/account/{accountId}

Request Headers

Header Description
Authorization Contains token string to allow request authentication and authorization, AppKey only API, Required.
LP-service-name Contains the service name which has the certificate in HashiCorp Vault. Not Required, Possible options: TEST_SERVICE/IDP/WEBHOOKS
LP-forward-url Contains the desired endpoint url of the client. Required.
LP-authorization-override Contains the authorizaion for the desired endpoint url of the client. Not Required.

Request Body

Body will be proxied as is to the remote endpoint (LP-forward-url), so the body submitted will be as if contacting the LP-forward-url value directly.

Path Parameters

Parameter Description Type/Value
accountId LP site ID String


Response Codes

Code Description
200 OK
401 Not Authenticated
403 Not Authorized
500 Internal Server Error
424 Client server throws Exception

mTLS detects if the request is failed at client server side then it will wrap the response in 424 with url and error message in the header. In case of 424 response, response header will be populated with LP-message-from-transport and LP-error-from-transport.

Response Body

Response will be returned from the LP-forward-url as if contacted directly.