Adding dynamic custom headers to server requests

IDE Services allows you to generate custom HTTP headers via an executable script, which can be used on end-user machines to enhance the security of server-client authorization between IDE Services Server, Toolbox App, and JetBrains IDEs.

Сonfiguring dynamic header generation involves the following steps.

Step 1. Create a custom script

You should create a custom script and make it available to the end users. The script output must comply with the following JSON specification:

        {
            "$schema": "http://json-schema.org/draft-07/schema#",
            "title": "DynamicHeadersScriptDto",
            "type": "object",
            "properties": {
                "headers": {
                    "type": "array",
                    "items": {
                        "$ref": "#/$defs/DynamicHeaderScriptDto"
                    }
                },
                "exp": {
                    "type": "integer",
                    "description": "Expiration timestamp as epoch seconds."
                }
            },
            "required": ["headers", "exp"],
            "$defs": {
                "DynamicHeaderScriptDto": {
                    "title": "DynamicHeaderScriptDto",
                    "type": "object",
                    "properties": {
                        "name": {
                            "type": "string"
                        },
                        "value": {
                            "type": "string"
                        }
                    },
                    "required": ["name", "value"]
                }
            }
        }
    

Step 2. Set VM option

In IDE Services, add a VM option that will be distributed to the users' IDEs.

Navigate to Profiles | <desired profile> | Settings + | VM option
In the Configure Virtual Machine Options dialog, add the following value:
-Dtbe.custom.headers.enabled=true
Click Save.

Step 3. Users update settings

The users must manually update their .settings.json file which is located at:

macOS: ~/Library/Application Support/JetBrains/Toolbox
Windows: %LOCALAPPDATA%\JetBrains\Toolbox\.settings.json
(for example: C:\Users\<username>\AppData\Local\JetBrains\Toolbox\.settings.json)
Linux: ~/.local/share/JetBrains/Toolbox/.settings.json

Under the Advanced parameter, add the following lines:

        {
            ...
            "advanced": {
                "dynamic_custom_headers_generator_path": "/path/to/script",
                "dynamic_custom_headers_unauthorized_response_header: "X-Custom-Header"
            }
            ...
        }
    

The value of the dynamic_custom_headers_generator_path parameter should point to the custom script you created.
The dynamic_custom_headers_unauthorized_response_header value defines the error response returned by the proxy service that handles header validation. It must match whatever value the proxy returns when encounters an incorrect header name. If an incorrect header is encountered, and the proxy returns 401, the response is distinguished from other 401 responses and does not trigger a user re-login requirement. The proxy adds the header name defined in dynamic_custom_headers_unauthorized_response_header, then the Toolbox App will retrigger the script to generate new headers.

08 June 2026