Merge pull request #313342 from TwistedAlex/docs-editor/data-connector-connection-rule-1773852212

prmerger-automator[bot] · web-flow · commit c020996f92c9 · 2026-03-18T17:00:56.000Z
Update data-connector-connection-rules-reference.md
diff --git a/articles/sentinel/data-connector-connection-rules-reference.md b/articles/sentinel/data-connector-connection-rules-reference.md
@@ -310,26 +310,26 @@ JSON Web Token (JWT) authentication supports obtaining tokens via username and p
 
 Follow this authentication flow:
 
-1. Send credentials to `TokenEndpoint` to obtain JWT token.
+1. Send credentials to `TokenEndpoint` to obtain JWT token, when using `userName` and `password`, `IsCredentialsInHeaders` is used to determine where to put credentials in the request.
 
    - If `IsCredentialsInHeaders: true`: Sends a basic authentication header with `username:password`.
    - If `IsCredentialsInHeaders: false`: Sends credentials in a `POST` body.
 
 2. Extract the token by using `JwtTokenJsonPath` or from the response header.
 
-3. Use the token in subsequent API requests with the `ApiKeyName` header.
+3. The Authorization header for the JWT tokens is a constant and will always be "Authorization".
 
 |Field |Required |Type |Description	|
 | ---- | ---- | ---- | ---- |
 | `type`                      | True      | String   | The type. Must be `JwtToken` |
 | `userName`                  | True (if `userToken` isn't used)      | Object   | The key/value pair for the `userName` credential. If `userName` and `password` are sent in the header request, specify the `value` property with the username. If `userName` and `password` are sent in the body request, specify `Key` and `Value`. |
 | `password`                  | True (if `userToken` isn't used) | Object   | The key/value pair for the password credential. If `userName` and `password` are sent in the header request, specify the `value` property with the `userName`. If `userName` and `password` are sent in the body request, specify `Key` and `Value`. |
 | `userToken`                  | True (if `userName` isn't used)     | String   | The user token generated by the client to get the system token for authentication. |
-| `UserTokenPrepend`                  | False     | String   | The value that indicates whether to prepend text before the token. Example: `Bearer`. |
+| `UserTokenPrepend`                  | False     | String   | The value that indicates whether to prepend text before the token. Default: `Bearer`. |
 | `NoAccessTokenPrepend`                  | False     | Boolean   | An access flag that indicates that the token shouldn't prepend anything. |
 | `TokenEndpointHttpMethod`                  | False     | String   | The HTTP method for token endpoint. It can be `Get` or `Post`. The default is `Post`. |
 | `TokenEndpoint`             | True      | String   | The URL endpoint that's used to obtain the JWT token. |
-| `IsCredentialsInHeaders`    |           | Boolean  | The value that indicates whether to send credentials as a basic authentication header (`true`) versus a `POST` body (`false`). The default is `false`. |
+| `IsCredentialsInHeaders`    |           | Boolean  | The value that indicates whether to send credentials as a basic authentication header (`true`) versus a `POST` body (`false`), ignored when using `userToken`. The default is `false`. |
 | `IsJsonRequest`             |           | Boolean  | The value that indicates whether to send the request in JSON (header `Content-Type = application/json`) versus form-encoded (header `Content-Type = application/x-www-form-urlencoded`). The default is `false`. |
 | `JwtTokenJsonPath`          |           | String   | The value that indicates the `JSONPath` value to use to extract the token from the response. For example: `$.access_token`. |
 | `JwtTokenInResponseHeader`  |           | Boolean  | The value that indicates whether to extract the token from the response header versus the body. The default is `false`. |
@@ -339,17 +339,6 @@ Follow this authentication flow:
 | `Headers`                   |           | Object   | The custom headers to include when sending the request to the token endpoint. |
 | `RequestTimeoutInSeconds`   |           | Integer  | The request timeout in seconds. The default value is `100`, with a maximum value of `180`. |
 
-Follow this authentication flow:
-
-1. Send credentials to `TokenEndpoint` to obtain the JWT token.
-
-   - If `IsCredentialsInHeaders: true`: sends a basic authentication header with `username:password`.
-   - If `IsCredentialsInHeaders: false`: sends credentials in a `POST` body.
-
-2. Extract the token by using `JwtTokenJsonPath` or from the response header.
-
-3. Use the token in subsequent API requests with the `ApiKeyName` header.
-
    > [!NOTE]
    > Limitations
    >
